CrowdStrike Report Warns of AI-Powered Cyber Threats in 2025
The CrowdStrike 2025 Threat Hunting Report highlights how adversaries are leveraging AI to scale attacks, target cloud systems, and refine long-term cyberattack strategies.
AI Weaponization on the Rise
Adversaries are increasingly weaponizing AI to scale operations, accelerate attacks, and target autonomous AI agents in modern businesses. The CrowdStrike 2025 Threat Hunting Report reveals how threat actors are using AI to:
- Automate tasks like malware development and technical problem-solving.
- Gain unauthorized access, steal credentials, and deploy malware.
- Exploit vulnerabilities in AI software to expand the attack surface.
Notably, FAMOUS CHOLLIMA, a DPRK-nexus adversary, infiltrated over 320 companies in the past year—a 220% increase—by using generative AI (GenAI) for resume creation, deepfake video interviews, and AI-powered coding tools.
Cross-Domain Attacks and Cloud Vulnerabilities
Adversaries are bypassing traditional defenses to move across endpoint, identity, cloud, and unmanaged systems. Key findings include:
- SCATTERED SPIDER resurfaced with faster tradecraft, using vishing and help desk impersonation to bypass MFA and deploy ransomware in under 24 hours.
- Cloud intrusions surged 136% in H1 2025 compared to all of 2024, with China-nexus actors like GENESIS PANDA exploiting misconfigurations.
- Identity-based attacks play a critical role, with adversaries using stolen PII to impersonate employees and pivot to SaaS applications.
Key Trends and Statistics
The report highlights alarming trends:
- 81% of interactive intrusions were malware-free.
- eCrime accounted for 73% of interactive intrusions.
- Vishing attacks are on track to double in volume by the end of 2025.
- Government sector intrusions rose 71% YoY, with targeted intrusions up 185%.
Prolific Threat Actors
CrowdStrike now tracks 265+ named adversaries and 150+ activity clusters, including:
- EMBER BEAR and CHARMING KITTEN: Using GenAI for pro-Russia narratives and phishing lures.
- GLACIAL PANDA: Driving a 130% rise in telecom-sector espionage.
Recommendations and Resources
To combat these threats, CrowdStrike recommends:
- Adopting advanced threat intelligence solutions like CrowdStrike’s platform.
- Staying informed via the Adversary Universe podcast.
For deeper insights, download the full report or attend the CrowdCast.
About the Author

Dr. Emily Wang
AI Product Strategy Expert
Former Google AI Product Manager with 10 years of experience in AI product development and strategy formulation. Led multiple successful AI products from 0 to 1 development process, now provides product strategy consulting for AI startups while writing AI product analysis articles for various tech media outlets.