A new report from CrowdStrike reveals a dramatic escalation in cyber threats, highlighted by a 150% surge in Chinese state-sponsored cyber espionage and the rapid weaponization of artificial intelligence (AI) in deception tactics.
The 2025 Global Threat Report exposes a shifting landscape where adversaries increasingly bypass traditional security measures, exploiting identity vulnerabilities and leveraging advanced social engineering.
China’s aggressive cyber expansion
The report identifies seven new Chinese cyber adversary groups in 2024, driving a 150% increase in espionage attacks.
Critical sectors like finance, media, manufacturing, and industrial operations witnessed a staggering 300% spike in targeted attacks. This signifies a more aggressive and sophisticated approach by China-nexus actors, posing a significant threat to global industries.
AI fuels social engineering and credential theft
Adversaries are rapidly adopting AI-driven techniques, particularly in social engineering. Voice phishing (vishing) attacks saw a 442% increase between the first and second halves of 2024.
Sophisticated crime groups are using AI-generated impersonations and phishing tactics to steal credentials, establish remote access, and evade detection.
Additionally, Iran is exploring GenAI for vulnerability research and exploit development, showcasing the growing use of AI in nation-state cyber operations.
READ ALSO: Tech summit tackles AI, cybersecurity in BPM sector
Malware-free attacks and insider threats rise
A significant trend highlighted in the report is the shift towards malware-free attacks. 79% of initial access attempts now rely on compromised credentials, allowing adversaries to infiltrate systems as legitimate users.
Access broker advertisements have also surged by 50% year-over-year. Furthermore, insider threats remain a critical concern, with North Korean actors involved in numerous incidents, often operating under the guise of legitimate employment to gain system access.
The report also emphasizes the alarming speed of attacks, with average cyber crime breakout times dropping to 48 minutes and some occurring in mere seconds.
Cloud environments are also under increasing siege, with valid account abuse being the primary initial access tactic. Unpatched vulnerabilities continue to be a significant entry point for attackers, highlighting the critical need for robust security measures.
READ MORE TECH AND AI NEWS.
