China’s Cyber Enterprise Grows: CrowdStrike 2025 Global Threat Report

China’s cyber enterprise is rapidly growing: China-nexus activity was up 150% across industries in 2024, with a 200-300% surge in key sectors such as financial services, media, manufacturing, and industrials/engineering. CrowdStrike identified seven new China-nexus adversaries in 2024.

“After decades investing in offensive cyber capabilities, China has achieved parity with some of the top players out there, and I think that is the thing that should terrify everybody,” Adam says.  

China-nexus threat actors aren’t the only ones evolving their cyber operations. As the CrowdStrike 2025 Global Threat Report shows, nation-state and eCrime adversaries spanning regions and skill levels are gaining speed and refining their techniques. They’re learning what works and what doesn’t, and they’re scaling their effective tactics to achieve their goals.

So what works? Voice phishing (vishing) skyrocketed 442% between the first and second half of 2024 as adversaries leaned on vishing, callback phishing, and help desk social engineering to access target networks. Generative AI played a key role in social engineering, where its low barrier to entry and powerful capabilities help adversaries create convincing content at scale. Compromised credentials also proved handy last year, helping threat actors enter and move laterally through organizations and operate as legitimate users. 

What doesn’t work as well? Malware. 79% of detections in 2024 were malware-free, indicating a rise in hands-on-keyboard activity as adversaries face stronger security defenses. 

Tune in to hear Adam and Cristian dig into the key findings of the CrowdStrike 2025 Global Threat Report, which also examines the latest on cloud-focused attacks, vulnerability exploitation, and nation-state activity around the world.