CrowdStrike: How Are AI Threats Reshaping Cybersecurity?

Share this article
Share this article
Prioritise Us on Google
Adam Meyers, Senior Vice President of Counter Adversary Operations at CrowdStrike
CrowdStrike’s report uncovers how hackers use Gen AI for deepfakes, cloud intrusions and insider attacks, raising the bar for cyber defenders worldwide

Although touted as a promising tool for safeguarding digital landscapes, AI has increasingly become a double-edged sword when it comes to cybersecurity.

CrowdStrike's 2025 Threat Hunting Report provides a comprehensive overview of the shifting cyber threat landscape driven by AI innovations and malpractices.

The report reveals the extent to which cybercriminals have embraced Gen AI to infiltrate, manipulate and sustain their presence within enterprise environments.

Youtube Placeholder

In the current landscape, CrowdStrike draws attention to a "cyber arms race", with both electronic crime (eCrime) and nation-state actors exploiting Gen AI to achieve remarkable speed, scope and deception.

CrowdStrike’s 2025 Threat Hunting Report, in brief 

CrowdStrike’s latest view paints a stark portrait of the modern challenges facing cybersecurity.

It found a 27% increase in interactive intrusions, characterised by dynamic breaches where attackers adapt tactics in real time.
This rise emphasises that “adversaries are innovating their operations to bypass legacy detection methods”, CrowdStrike says.

Adam Meyers, CrowdStrike's Head of Counter Adversary Operations

Additionally, 81% of these attacks were devoid of malware, with threat actors cleverly impersonating "legitimate users" within networks.

Financially motivated eCrime constitutes almost 75% of these breaches, indicating a persistent challenge for cybersecurity experts.

Gen AI’s influence has seen nation-state taking advantage, using AI for espionage and to steal vital information.

The role of Gen AI

One of the most alarming trends is the transformative use of Gen AI, according to CrowdStrike.

North Korea-linked groups like FAMOUS CHOLLIMA are prime examples, using Gen AI to fabricate realistic résumés and deepfake videos to infiltrate businesses unnoticed.

Such tactics have led to more than 320 companies being compromised in one year — a massive 220% increase.

An infographic detailing findings from CrowdStrike's 2025 Threat Hunting Report

Moreover, these operatives leverage Gen AI tools to carry out technical tasks, masking language barriers and juggling multiple jobs without detection.

But AI’s impact extends far beyond insider threats. 

Russian and Iranian actors have been observed using AI-driven language models for phishing and misinformation campaigns, compounding the challenge faced by security teams worldwide.

These AI-generated campaigns amplify disinformation, as seen with Russian EMBER BEAR’s pro-Kremlin propaganda and Iran-linked CHARMING KITTEN’s multilingual phishing attacks targeting Western organisations. 

Are traditional cyber defences dwindling?

The erosion of traditional cyber defences is another critical takeaway from the report.
Entities like SCATTERED SPIDER exploit cloud and SaaS platforms, bypassing endpoint detection to execute vishing attacks.

Youtube Placeholder

This method includes impersonating employees to manipulate password resets and Multi-Factor Authentication (MFA), achieving ransomware deployment.

The emergence of cloud environments as central targets is starkly highlighted by a 136% increase in cloud intrusions in 2025, with specific emphasis on actors such as GENESIS PANDA and MURKY PANDA.

Telecommunications companies are particularly susceptible, experiencing a 130% increase in nation-state activities due to adversaries’ stealthy, prolonged intelligence-gathering operations.

In response, CrowdStrike advocates for an evolved defensive strategy. This includes harnessing AI not only for detection but to develop autonomous systems that proactively manage threats across varied digital infrastructures.

Company portals