The CrowdStrike 2025 Global Threat Report stands as one of the leading authorities on adversary intelligence, offering in-depth analysis of the past year’s evolving cyberthreat landscape. According to CrowdStrike, in 2024, threat actors advanced at an unprecedented pace, developing new techniques and tools while devising innovative ways to bypass modern security measures—all with relentless precision against their targets. These adversaries are optimizing their methods, scaling proven strategies, and leveraging lessons from both failures and successes—their own and those of their peers—to execute attacks with a calculated, business-like efficiency. In their words, 2024 marked the rise of the resourceful, entrepreneurial adversary.
Here are a few key facts we should know and keep into consideration about the shifting threat landscape:
- Breakout time — how long it takes for an adversary to start moving laterally
across your network — reached an all-time low in the past year: The average
fell to 48 minutes, and the fastest breakout time we observed dropped to
a mere 51 seconds. - Voice phishing (vishing) attacks, where adversaries call victims to amplify
their activities with persuasive social engineering techniques, saw explosive
growth — up 442% between the first and second half of 2024. - Attacks related to initial access boomed, accounting for 52% of
vulnerabilities observed by CrowdStrike in 2024. Providing access as a
service became a thriving business, as advertisements for access brokers
increased 50% year-over-year. - Among nation-states, China-nexus activity surged 150% overall,
with some targeted industries suffering 200% to 300% more attacks than
the previous year. - GenAI played a pivotal role in sophisticated cyberattack campaigns
in 2024. It enabled FAMOUS CHOLLIMA to create highly convincing fake
IT job candidates that infiltrated victim organizations, and it helped China-,
Russia-, and Iran-affiliated threat actors conduct AI-driven disinformation
and influence operations to disrupt elections
You may view the entire report on their site at https://www.crowdstrike.com/en-us/
