Geopolitics as a driving factor
In the wake of rising international tensions, cybercrime is increasingly dominated by geopolitical influences. Actors from China, Russia and North Korea often work with support and protection from government circles. China in particular is increasingly in the spotlight when it comes to cybercrime; for example, China-nexus attacks have increased by 150% across all sectors compared to the previous year. The objectives of these attacks range from destabilising other nations to securing information and stealing intellectual property. In order to avoid becoming a pawn in international geopolitics, organisations must pay close attention to the topics of information security, data protection and cloud computing.
AI as the key to social engineering
In recent years, the trend in cyber attacks has been away from malware and towards people: attackers are abandoning traditional hacking and instead trying to gain access to networks through personal contact with employees. The rapid development of AI has greatly accelerated this movement; in 2024, 79% of registered attacks were carried out without the use of malware. Intruders often have personal data and access questions, use deepfakes of faces or voices to gain trust and can use AI to create higher-quality phishing emails much more efficiently.
Protection through management systems
This development emphasises the relevance of introducing and establishing an information security system in accordance with ISO 27001. The structured process approach is more effective than individual measures and ensures that security gaps are systematically assessed and minimised. Trained employees are also key: they are much better able to deal with threatening situations and, as the first and most important line of defence, massively reduce the risk of a successful cyberattack.
Race against the clock
The drastic reduction in eCrime breakout time (the time attackers need to gain access to critical infrastructure or sensitive data after initial access to the system) is putting organisations under great pressure. While this was 62 minutes in 2023, it was just 48 minutes in 2024, meaning that a fast and targeted response is of the utmost importance in an emergency. Implementing an information security system in accordance with ISO 27001 helps organisations to detect and localise attacks more quickly.
Above all, a business continuity management system offers great added value in the area of damage limitation. Employees who have been trained for worst-case scenarios and have an elaborate strategy can react much more quickly and competently and limit the damage.
Conclusion: Protect your organisation!
Do you want to be on the safe side in uncertain times? Expertise in areas such as information security, business continuity management, cloud computing, AI and much more drastically reduces the risk of a fatal cyberattack! CIS – Certification & Information Security Services GmbH will be happy to answer any questions you may have!