CrowdStrike: How Are AI Threats Reshaping Cybersecurity?

Although touted as a promising tool for safeguarding digital landscapes, AI has increasingly become a double-edged sword when it comes to cybersecurity.
CrowdStrike's 2025 Threat Hunting Report provides a comprehensive overview of the shifting cyber threat landscape driven by AI innovations and malpractices.
The report reveals the extent to which cybercriminals have embraced Gen AI to infiltrate, manipulate and sustain their presence within enterprise environments.
In the current landscape, CrowdStrike draws attention to a "cyber arms race", with both electronic crime (eCrime) and nation-state actors exploiting Gen AI to achieve remarkable speed, scope and deception.
CrowdStrikeâs 2025 Threat Hunting Report, in brief
CrowdStrikeâs latest view paints a stark portrait of the modern challenges facing cybersecurity.
It found a 27% increase in interactive intrusions, characterised by dynamic breaches where attackers adapt tactics in real time.
This rise emphasises that âadversaries are innovating their operations to bypass legacy detection methodsâ, CrowdStrike says.
Additionally, 81% of these attacks were devoid of malware, with threat actors cleverly impersonating "legitimate users" within networks.
Financially motivated eCrime constitutes almost 75% of these breaches, indicating a persistent challenge for cybersecurity experts.
Gen AIâs influence has seen nation-state taking advantage, using AI for espionage and to steal vital information.
The role of Gen AI
One of the most alarming trends is the transformative use of Gen AI, according to CrowdStrike.
North Korea-linked groups like FAMOUS CHOLLIMA are prime examples, using Gen AI to fabricate realistic résumés and deepfake videos to infiltrate businesses unnoticed.
Such tactics have led to more than 320 companies being compromised in one year â a massive 220% increase.
Moreover, these operatives leverage Gen AI tools to carry out technical tasks, masking language barriers and juggling multiple jobs without detection.
But AIâs impact extends far beyond insider threats.
Russian and Iranian actors have been observed using AI-driven language models for phishing and misinformation campaigns, compounding the challenge faced by security teams worldwide.
These AI-generated campaigns amplify disinformation, as seen with Russian EMBER BEARâs pro-Kremlin propaganda and Iran-linked CHARMING KITTENâs multilingual phishing attacks targeting Western organisations.
Are traditional cyber defences dwindling?
The erosion of traditional cyber defences is another critical takeaway from the report.
Entities like SCATTERED SPIDER exploit cloud and SaaS platforms, bypassing endpoint detection to execute vishing attacks.
This method includes impersonating employees to manipulate password resets and Multi-Factor Authentication (MFA), achieving ransomware deployment.
The emergence of cloud environments as central targets is starkly highlighted by a 136% increase in cloud intrusions in 2025, with specific emphasis on actors such as GENESIS PANDA and MURKY PANDA.
Telecommunications companies are particularly susceptible, experiencing a 130% increase in nation-state activities due to adversariesâ stealthy, prolonged intelligence-gathering operations.
In response, CrowdStrike advocates for an evolved defensive strategy. This includes harnessing AI not only for detection but to develop autonomous systems that proactively manage threats across varied digital infrastructures.


