CrowdStrike Analysis Paints Worsening Cybersecurity Picture

https://securityboulevard.com/2026/02/crowdstrike-analysis-paints-worsening-cybersecurity-picture/

Publish Date: 2026-02-24 03:15:00

Source Domain: securityboulevard.com

Author:

A report published by CrowdStrike today finds the average breakout time for a cyberattack in 2025 has been reduced to 29 minutes, representing a 65% year-over-year reduction.

At the same time, CrowdStrike is also reporting there was a 42% increase in the number of zero-day vulnerabilities being exploited prior to public disclosure. Additionally, 82% of detections in 2025 were malware-free, according to the report.

Adam Meyers, senior vice president for counter adversary at CrowdStrike, said that shift in tactics suggests malicious actors are more interested in evading detection to ensure they have long-term persistent access to IT environments versus simply relying on traditional smash-and-grab techniques.

More challenging still, the report also noted there has been an 89% increase in attacks enabled by artificial intelligence (AI), which is now being pervasively employed by adversaries of all skill levels.

In effect, AI has become a new type of insider threat that can be easily exploited by malicious actors using, for example, a stolen credential to insert a prompt into a workflow that enables them to, for instance, exfiltrate data or compromise a workflow, noted Meyers. Organizations should employ comprehensive AI security and governance measures to address threats to AI systems as well as threats posed by threat actors using AI. Those measures should include monitoring use of AI tools, enforcing access controls, and using data classification rules to prevent sensitive data leaks.

At the same time, the report noted that it's becoming increasingly simple for cybercriminals to leverage AI to launch targeted attacks that make use of publicly available documentation to both discover a vulnerability and create an exploit faster than ever.

Other metrics tracked by CrowdStrike that are also heading in the wrong direction include a 563% increase in incidents using fake CAPTCHA lures, a 141% increase in spam emails, a 37% increase in victims named on dedicated leak sites and a 37% rise in cloud-conscious intrusions. Those latter types of intrusions can be especially challenging to thwart because they typically involve a mix of trusted access paths and exploitation.

For example, valid account abuse, which accounted for 35% of cloud incidents, enables adversaries to blend into legitimate activity to bypass traditional controls. Cyber attackers typically targeted exposed systems to gain an initial foothold, then rapidly pivoted across domains once access was established.

Finally, the report noted there has also been a 130% increase in incidents related to North Korea, including the largest single financial theft of $1.46 billion in cryptocurrency, versus a 38% increase in incidents involving China.

Clearly, there are more potential threats than ever to an attack surface that only continues to expand. The only way to combat those threats is to instrument as many systems as possible, said Meyers. Once instrumented, it then becomes possible to proactively hunt for threats in a way that ultimately reduces the number of incidents that cybersecurity teams might need to manage.

Regardless of the threat vector, the one thing that is apparent is many cybersecurity teams are in danger of being overwhelmed. Hopefully, investments in AI help level what is becoming a decidedly unlevel playing field. In the meantime, however, cybersecurity teams should continue to prepare for the worst while hoping against all odds for the best.