Report reveals surge in China-linked cyber attacks

CrowdStrike’s latest Global Threat Report highlighted a sharp increase in cyber threats, driven by China-linked operations, generative artificial intelligence, and cloud infrastructure attacks, according to Cyber Magazine.

The report warned businesses to strengthen their cybersecurity strategies as adversaries become more efficient, sophisticated, and business-like, leveraging advanced technologies such as AI and machine learning.

China-nexus cyber activities surged by 150% overall, with targeted attacks in the financial services, manufacturing, industrial, and media sectors rising up to 300%. CrowdStrike identified seven new advanced persistent threat groups linked to China in 2024, reflecting a shift from smash-and-grab operations to mission-specific intrusions. These adversaries are increasingly exploiting identity gaps and employing social engineering to avoid detection.

Cloud environments have become a significant target, with cloud intrusions increasing by 26% in 2024. Attackers often gain access through valid accounts, leveraging cloud management tools to exploit vulnerabilities. Valid account abuse accounted for 35% of cloud incidents in early 2024.

The rise in identity-based attacks is notable, with 75% of intrusions now being malware-free, focusing instead on compromised credentials and hands-on keyboard tactics.

Generative AI is playing a critical role in enabling fast and complex attack methods, including sophisticated impersonation and phishing campaigns.

Breakout times -- how quickly attackers can move within a network -- fell to a record low of 48 minutes, with the fastest at 51 seconds.