Phishing (including malspam, vishing, and malvertising) was the dominant intrusion vector, accounting for approx. 60% of cases..

There has been a 25% year-on-year increase in financial institution intrusion events for 2024.

Targeted intrusions against financial institutions increased by 109% year-over-year.

81% of interactive (hands-on-keyboard) intrusions were malware-free.

Cloud intrusions increased by 136% in the first half of 2025 compared to all of 2024.

The government sector experienced a 71% year-over-year increase in overall interactive intrusions and a 185% year-over-year increase in targeted intrusion activity.

eCrime activity represented 73% of total interactive intrusions.

System intrusion breaches in EMEA surged to 53%, nearly doubling last year’s rate of 27%.

The Veeam vulnerability (CVE-2024-40711) and similar documented vulnerabilities played a role in nearly 15 percent of the cases Sophos MDR tracked involving malicious intrusions in 2024.

Over a third of all incidents involving intrusion into smaller organisations have systems on the network edge as the initial point of compromise.