Cybersecurity Trends in 2025: CrowdStrike Global Threat Report – Josh’s Take.

Josh Harr | March 13, 2025

So the CrowdStrike Global Threat Report dropped not that long ago. Phew, does it look nasty! I want to go through a few items that stuck out to me. If last year was significant, 2025 is shaping up to be an eventful year for cybersecurity – and threat actors.

AI – A buzzword for cybersecurity or a vulnerability for everyone?

I am always very skeptical of new buzzwords in the industry. Vendors throw around Zero Trust, SOAR, SIEM, XDR, and AI like candy at a parade. So, it’s expected to be reserved in your opinions of AI at the beginning. But the people who are not reserved in their opinions and use are the threat actors. They don’t care. It makes their job easier and more accurate, from deepfake voice scams (cloning CEOs’ voices to scam companies out of hundreds of thousands of dollars) to AI-generated phishing emails, where they don’t need to try as hard to make it look legitimate.

Another thing that stuck out: we have all heard of polymorphic malware (it changes the signature of its files, or morphs, to evade security tools), but this is self-learning malware, and it has been witnessed evading and bypassing security measures.

Hackers aren’t just guessing passwords anymore—they’re using AI to craft emails that look perfect, generate deepfake voices that sound exactly like your boss, and even create chatbots that steal your credentials. In 2025, cybercriminals are working smarter, not harder.

Supply Chain – A Hacker’s Wildest Dream

We’ve been screaming about the supply chain for a while. We are starting to see this become a playground for threat actors and a nightmare for companies. While we can talk about software supply chain ad nauseam, let’s look at the physical supply chain.

Acme Widgets makes great widgets for many things – government, infrastructure, household items, utilities, etc. These widgets go into a lot of things. Acme has to get components from five other vendors that manufacture their products for Acme to use. Those five vendors get parts from another five vendors each, who each source their materials from five raw sources. Counting Acme itself, that is 1 + 5 + 25 + 125 = 156 security vector points that could be exploited! So, if we go back far enough, we could affect more than just one product. This is what I consider a continuum of harm.

And those 156 vectors do not even account for all the organizations, governments, and people a compromise would affect. So, apply this physical analogy to software at a scale of ~100x.

It’s not just YOUR security that matters anymore – it’s every vendor, contractor, and software provider you work with. In 2025, cybercriminals are going after the weakest link in the chain; if that link snaps, the whole system falls apart.

Ransomware is not going anywhere – It’s ramping up again.

We have been talking about ransomware FOR YEARS… and it still seems like we are not getting the hang of it. If it is any consolation, threat actors now ensure they steal organizations’ data before encrypting it – you know? As a bargaining chip. This is not new, but we would have thought we’d have better defenses since WannaCry and NotPetya (big hint here: patch your vulnerable systems!). I will not beat a dead horse here (please don’t take that literally, I love animals), but CrowdStrike saw double and triple extortion schemes going on. Just because you paid for your files to be unlocked, doesn’t mean they are done with you. They will be back…

Ransomware gangs have upgraded their playbook. It’s no longer just ‘pay up or lose your files’—now they’re stealing data first, threatening to leak it, and even targeting your customers. Paying the ransom? That might not even be enough to stop the damage.

Cyber Warfare (I loathe this term, but here we go)

Governments have often used cyberattacks to bring another government to the negotiation table. Now, it is less about getting them to negotiate and more about reducing a government’s ability to respond to its people. Governments have fully adopted this as part of statecraft by targeting critical infrastructure, stealing secrets, and targeting economic weaknesses. Now, ones and zeroes do not cause physical harm to people (hence my pedantic perspective of the term “cyber warfare”), but the secondary and tertiary effects can.

Cyberattacks aren’t just about stealing credit cards anymore. Governments are using them to shut down power grids, disrupt economies, and spy on rivals. In 2025, war isn’t only fought on battlefields—it’s happening in the digital world, and the fallout affects everyone.

So, what now?

Yeah, a bunch of scary stuff here. But there are steps that can greatly decrease your chances of being affected.

  1. Patch your systems. Please do this regularly. Your computers, servers, applications, and mobile devices. Get these things on a schedule.
  2. Turn on Multi-Factor Authentication. These tools are not optional anymore, and if you think it’s too much of a hassle, you will be kicking yourself when you have to go back to pen and paper when your company is locked out of its systems.
  3. Train your employees to be vigilant. Cybersecurity takes a village, and getting your employees involved is a great way to bake in cybersecurity practices.
  4. Zero Trust. Yes, another buzzword. However, the concept is solid (enough). Only allow accounts and identities to access what they request and nothing more. And when they are done, don’t trust them again until they validate the next time.
  5. Be kind to AI. It isn’t perfect but it works faster than we do. If AI security tools exist, don’t just hate on them – give them feedback. This is the way our industry is going.

Cyber threats are evolving fast—but so are the defenses. Multi-factor authentication (MFA), AI-driven security tools, and Zero Trust frameworks aren’t just buzzwords anymore—they’re necessities. The question isn’t if you’ll be targeted. It’s when. Are you ready?

If any of this is concerning to you or your business/organization, please reach out to us at in**@******ec.com or (615) 709-2030 to discuss how we can partner with you to secure your world. Learn more at www.protasec.com.