Cybercriminals are more sophisticated than ever, a new report from CrowdStrike reveals. Breakout times are falling, social engineering is becoming more common and effective, and cyber espionage – particularly that originating in China – is growing increasingly aggressive.
“Our latest research demonstrates that adversaries are becoming more efficient, focused, and business-like in their approach — in many ways, more like the enterprise organizations they prey upon. That’s why our team of security analysts, experts, and authors chose ‘the enterprising adversary’ as the theme for this year’s CrowdStrike Global Threat Report,” said George Kurtz, CrowdStrike CEO and Founder.
Cyberattacks Are Faster Than Ever
Perhaps the most concerning finding detailed in the CrowdStrike report is the extraordinary speed at which attackers are carrying out attacks. Breakout time (the time an attacker takes to move laterally after initial access) dropped to an all-time low of 48 minutes.
More concerning still, the fastest observed breakout time was just 51 seconds, giving defenders almost no time to react. Clearly, automated solutions are essential for staying safe in the modern digital landscape.
The Rise of AI-Powered Cybercrime
Cybercriminals aren’t just getting faster; they’re getting more resourceful, too. CrowdStrike observed Russia, China, and Iran leveraging AI for election disinformation campaigns, while the North Korean hacker group Famous Chollima used AI-generated fake IT job candidates to infiltrate victim organizations.
To make matters worse, attackers aren’t just using AI; they’re using it to great effect: AI-generated phishing emails had a 54% success rate, compared to just 12% for human-written phishing emails.
Kurtz noted the ubiquity of AI tools among cybercriminals. “Highly effective adversaries across all major categories—nation-states, eCrime, and hacktivists—have become early and avid adopters of AI. The ‘force multiplier’ impact of off-the-shelf chatbots has made genAI a popular addition to the global hacker toolbox,” he said.
Social Engineering Attacks Are Exploding
The dramatic rise in social engineering also stands out. Voice phishing (vishing) attacks surged by 442% in just six months, while help desk social engineering – which involves hackers impersonating employees to reset passwords and bypass MFA – also rose significantly. Ransomware groups Curly Spider and Wandering Spider favored these methods.
For Boris Cipot, Senior Security Engineer at Black Duck, vishing attacks are particularly dangerous, especially if organizations aren’t prepared for them. He argues that protecting against vishing relies less on technical solutions and more on training employees to be skeptical.
“It’s important for organizations to ensure their employees cannot be pressured into a corner. Organizations must have clear instructions on how information can be passed on and what information can and cannot be given over the phone or in other forms of communication. Once this is established and understood within an organization, attackers are much less likely to pressure their target into giving them sensitive information based on a sense of urgency or the threat of being penalized,” he said.
J Stephen Kowski, Field CTO at SlashNext Email Security+, takes a similar view, arguing that individuals should never share personal information during unexpected calls, even if the caller seems legitimate. He also recommends verifying caller identities by hanging up and calling back through official numbers, using call-blocking tools, and remembering that legitimate organizations won’t pressure staff for immediate responses.
China’s Cyber Espionage Surges
The CrowdStrike report also reveals details of new China-nexus adversaries in 2024, fueling a 150% surge in espionage attacks and up to a 300% spike in targeted attacks on critical industries.
Nathaniel Jones, Vice President of Threat Research at Darktrace, notes that these findings align with Darktrace research. He highlights that, in 2024, CNI organizations became prime targets for China-linked threat actors, with Mustang Panda suspected of exfiltrating sensitive government data in the Asia-Pacific (APAC) region.
Cybersecurity in 2025: A Race Against Time
The key takeaway here is that hackers are getting faster and smarter. As such, real-time detection and response, proactive identity protection, and AI-driven threat hunting are more critical than ever. The earlier organizations can respond to threats – ideally before they materialize – the better they can protect themselves.
Josh is a Content writer at Bora. He graduated with a degree in Journalism in 2021 and has a background in cybersecurity PR. He's written on a wide range of topics, from AI to Zero Trust, and is particularly interested in the impacts of cybersecurity on the wider economy.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.