Cybercriminals have grown up

The Rise of the Enterprising Adversary: What CrowdStrike's 2025 Global Threat Report Means for Australian Organisations

Cybercriminals have grown up. That's the headline message from CrowdStrike's newly released 2025 Global Threat Report, titled "The Rise of the Enterprising Adversary." It paints a picture of an increasingly professionalised cyber threat landscape, where criminal groups operate with the speed, structure, and sophistication of legitimate enterprises.

This isn't a new phenomenon, but it is escalating.

CrowdStrike observed a 75% increase in cloud intrusions year-over-year, alongside a growing reliance on legitimate credentials to bypass traditional security measures. The lines between nation-state actors and financially motivated groups are also blurring, with adversaries now sharing infrastructure, tools, and tradecraft.

Key Trends Identified in the Report

Some of the major findings from the 2025 report include:

• Cloud environments under siege: Cloud-focused attacks are rising rapidly as organisations continue to migrate to hybrid infrastructure.
• Speed of compromise: On average, adversaries can move laterally within a network in just 62 minutes, down from 79 minutes the year before.
• Credential misuse: 62% of interactive intrusions involved valid credentials, making identity protection a frontline defence.
• The 'as-a-service' threat economy: Access brokers, malware developers, and ransomware affiliates now operate in a highly connected criminal ecosystem, offering services to the highest bidder.

"Adversaries have become more agile, more enterprising, and more opportunistic. They are running campaigns like businesses – with structure, KPIs, and returns on investment."
— CrowdStrike 2025 Global Threat Report

What This Means for Australian Businesses

For Australian organisations, particularly those in critical infrastructure, Defence industry supply chains, and regulated sectors, the message is clear: passive cybersecurity strategies are no longer enough. Security must be active, adaptive, and deeply integrated into day-to-day operations.

Companies also need to think beyond compliance. Frameworks like the Essential Eight and PCI DSS are valuable, but they're just the beginning. Businesses must continuously evaluate their cyber maturity, threat exposure, and response capabilities.

Logi-Tech: A Pragmatic Partner for Cyber Resilience

This is where trusted partners like Logi-Tech come in. Now in our 40th year of experience supporting Defence and high-assurance clients, Logi-Tech helps organisations implement practical, standards-aligned cybersecurity solutions that go beyond checkbox compliance.

From tailored Essential Eight uplift programs to preparing for PCI DSS readiness, Logi-Tech provides:

• Cybersecurity maturity assessments
• Secure infrastructure and automation
• Credential and identity management strategies
• Continuous improvement through managed services

Logi-Tech understands that most businesses don't have the luxury of a full in-house cybersecurity team, which is why our solutions are built to deliver real-world outcomes with clarity and efficiency.

Final Thoughts

CrowdStrike's 2025 report signals that cyber threats are now a strategic business risk not just an IT problem. With attackers behaving more like entrepreneurs and less like lone hackers, Australian businesses need equally strategic, enterprise-grade responses.

By partnering with experienced providers like Logi-Tech, organisations can position themselves not just to survive the evolving threat landscape, but to grow with confidence in the face of it.

References:

1. CrowdStrike. (2025). Global Threat Report: The Rise of the Enterprising Adversary. Retrieved from: https://www.crowdstrike.com/global-threat-report/