CrowdStrike's 2025 global threat report reveals a significant rise in malware-free cyber attacks, with 79% of detections in 2024 being such activities, up from 40% in 2019. Attackers now favor using existing tools to exploit vulnerabilities rather than deploying malware. Notably, they are increasingly targeting cloud services, with a 26% increase in cloud intrusions from 2023 to 2024, primarily gaining initial access through abuse of valid accounts. This evolution in tactics emphasizes the growing sophistication of cyber threats.
CrowdStrike observed more intrusions in which attackers gained initial access via valid accounts, leveraged cloud environment management tools for lateral movement, and abused cloud provider command line tools.
79% of CrowdStrike's threat detections in 2024 constituted malware-free malicious activity, compared to 40% in 2019, showing a significant shift in attack strategies.
Collection
[
|
...
]