In 2025, cybercriminals target organizations worldwide with identity attacks, cloud security breaches, and AI-powered cyberattacks. CrowdStrike 2025 Threat Hunting Report indicates that advanced threat actors are leveraging generative AI, cloud misconfiguration, and human identity weakness to perform cross-domain attacks that completely bypass traditional security controls.

Interactive cyber attacks increased 27% year over year, and 81% of attacks were malware-free, showing a trend to more low-profile, high-level techniques. eCrime groups are commonplace, making up 73% of attacks today, and cloud intrusions have increased 136% in the first half of 2025 compared to 2024. Vishing campaigns are increasing as well, breaking earlier yearly records within six months.

Read: Cybersecurity & Infrastructure Security Agency (CISA) on ransomware trends.

Generative AI Becomes a Powerful Tool for Cybercriminals

Generative AI has evolved from a special-purpose tool to a ubiquitous component of cyberattacks. Cybercriminals are using AI to create phishing campaigns, create synthetic identities, and even construct advanced malware. CrowdStrike has found a vulnerability, CVE-2025-3248, in Langflow AI, which is a highly used platform that is used to build AI agents, and was used by attackers for:

  • Persistence on the exploited systems
  • Credential access via AI-created phishing and synthetic identities
  • Malware deployment

North Korea-aligned group FAMOUS CHOLLIMA is one such time-honored case in point, having exploited over 320 organizations, a 220% year-to-date increase, using AI-created resumes, deepfake interviews, and bot-solved coding challenges.

Expert Insight: “Threat actors increasingly view AI as central infrastructure instead of a peripheral technology. Organizations need to keep AI security top of mind in defense,” CrowdStrike experts recommended.

CrowdStrike’s 2025 Threat Hunting Report comprehensively studies potential cyberattacks and shows how advanced attackers specifically target AI, cloud, and identity systems. The report also points to malware-free attacks on the rise, cloud-based attacks on the rise, and the use of generative AI to use for social engineering attacks.

According to CrowdStrike’s 2025 Threat Hunting Report (read the entire report here), threat actors are leveraging cross-domain tactics in order to outmaneuver typical defenses, and the organizations must thus exercise proactive monitoring and protection of identity.

Identity Exploitation Drives Cross-Domain Attacks

Attackers increasingly exploit human and process-based identity weaknesses to gain access across networks. CrowdStrike defines the SCATTERED SPIDER eCrime group as one that:

  • Uses ransomware within less than 24 hours of initial compromise
  • Uses vishing and help desk impersonation to bypass MFA
  • Gains long-lived access to SaaS tools such as IAM, document management, and data warehousing platforms
  • These identity-driven attacks can enable the attacker to migrate horizontally across domains, remain resident for extended periods, and exfiltrate sensitive information in bulk.

Real-World Measures to Mitigate AI, Cloud, and Identity Threats

CrowdStrike recommends that organizations adopt a multi-layered security approach to counter new cyber threats:

  • Secure Identity
  • Utilize phishing-resistant MFA (hardware tokens)
  • Enforce robust password policies and regular resets
  • Identify anomalous authentication activity in cloud, SaaS, and on-premises environments

Seal Cross-Domain Visibility Gaps

Organizations must adopt strategies that provide full visibility across endpoints, cloud environments, and identity systems. Threat actors are increasingly moving laterally across domains, exploiting blind spots in monitoring and detection. To address this:

  • Run XDR and gen-next SIEM tools to correlate endpoint, cloud, and identity platform telemetry
  • Detect lateral movement sooner and respond automatically
  • Secure Cloud as Foundation Infrastructure
  • Use Cloud-Native Application Protection Platforms (CNAPP) with continuous monitoring
  • Audit APIs, permissions, and configurations in real-time
  • Enforce least-privilege access
  • Prepare for AI-Driven Threats
  • Guard internal AI tools and workflows
  • Train employees to detect AI-aware social engineering techniques
  • Detect out-of-band AI usage patterns
  • Build Incident Readiness
  • Maintain isolated backups
  • Conduct regular tabletop exercises
  • Enable rapid containment and recovery in case of breach
  • Recommended external source: NIST Cloud Security Guidelines

A Look to the Future: The Future of Cybersecurity

With AI, cloud, and identity platforms more interconnected, cross-domain attacks will only increase. Firms that adopt AI threat monitoring, cloud-native security, and robust identity protection position themselves to compete most effectively. Researchers identify changing to comprehend attacker behavior, using advanced detection tools, and creating a cybersecurity awareness culture as the keys to staying ahead.

Read more: Cybersecurity Ventures: 2025 Global Threat Forecast.

For deeper insights on agentic AI governance, identity controls, and real‑world breach data, visit Cyber Tech Insights.

To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com