Cyber risks - 3 critical trends for 2025

Check Point Software's annual report is now available. Among all the information it contains, here are the 3 trends that particularly caught our eye.


The year 2025 has barely begun, and already the first analyses of cyber risks are taking shape. The report from Check Point Software, a major player in cybersecurity, highlights three worrying trends that have marked the last few weeks and that will be worth monitoring this year.

 

1. The explosion of infostealer attacks

Infostealer attacks are becoming increasingly frequent. Particularly insidious, they enable the exfiltration of huge quantities of sensitive data, including authentication details, files, system configurations and financial information.

The attackers' strategy is devious: targeting BYOD (Bring Your Own Device) devices to gain access to corporate resources. Some infostealers even capture screenshots, making their impact devastating.

These logs are then resold on illegal Dark Web platforms, such as the Russian Market. According to Check Point Software, over 10 million Infostealer logs are for sale on this market.

 

2. A wider attack surface as resources are integrated into the Cloud

The growing adoption of the Cloud is amplifying the complexity of IT environments and multiplying risks. In a previous article, we identified the Cloud as adding complexity and being a major source of configuration errors.

However, the report also highlights the risk of integration between on-prem and Cloud infrastructures.

For example, the connection between an on-prem Active Directory and ENTRA ID in the Cloud to set up an SSO (Single Sign-On) can become a vector of propagation. If on-prem infrastructures are compromised, this connection could enable a lateral movement towards Cloud resources.

 

3. Edge devices are increasingly targeted

Edge devices, i.e. equipment located at the boundary between a company's infrastructure and the Internet (routers, VPNs, firewalls, etc.), have become priority targets in 2024.

Cybercriminals exploit these devices to transform them into Operational Relay Boxes (ORBs), i.e. anonymized entry points to critical infrastructures. With a direct connection to the Internet and internal resources, these devices represent an ideal entry point for attackers.

As a result, many security solution manufacturers have been forced to release patches to address critical vulnerabilities in their equipment.

 

In conclusion

These trends underline three priority areas for reflection and action to secure businesses in 2025:

  1. Layered security: Simple solutions are no longer sufficient. A return to fundamentals with layered security strategies is essential. This includes high-performance, innovative solutions.
  2. Securing the Cloud is a priority: The Cloud requires greater attention to design, configuration and security. The risks associated with these hybrid environments remain a major challenge.
  3. 360° visibility: Effective protection is impossible without complete visibility of the attack surface. Automation tools, both for detection and incident response, are becoming essential.

 

MCG: your partner in technology monitoring and cyber resilience

Thanks to its ongoing technology watch, MCG supports its customers in strengthening their resilience in the face of cyber threats, while enabling them to concentrate on their core business.

Cyber risks - 3 critical trends for 2025
...

Tell us about your cybersecurity needs

Thank you for your message, we’ll contact you very soon! Fill all fields Error when creating request. Please try again
6Lcp1CAbAAAAAM-4iEYkG33vfIaUYODi6YEXTTqi