Cyberattacks are getting faster, stealthier, and more sophisticated, in part because cybercriminals are using generative AI.
"We see more threat actors using generative AI as part of their tool chest, and some of those threat actors are using it more effectively than others," says Adam Meyers, head of counter adversary operations at CrowdStrike.
The cybersecurity tech company released its 2025 Threat Hunting report on Monday. It detailed, among other findings, that adversaries are weaponizing genAI to accelerate and scale attacks, and North Korea has emerged as the most GenAI-proficient adversary.
Within the past 12 months alone, CrowdStrike investigated more than 320 incidents in which operators associated with North Korea fraudulently obtained remote jobs at various companies. That represents a jump of about 220 percent year-over-year. The report suggests operatives used genAI tools at every stage of the hiring and employment process to automate their actions in the job search through the interview process, and eventually to maintain employment.

"They use it to create resumes and to create LinkedIn personas that look like attractive candidates you would want to hire. They use generative AI to answer questions during interviews, and they use deep fake technology as well during those interviews to hide who they are," Meyers says. "Once they get hired, they use that to write code to allow them to hold 10, 15, 20, or more jobs at a time."
In late July, an Arizona woman, Christina Chapman, was sentenced to eight years in prison for her role in assisting North Korean workers in securing jobs at more than 300 U.S. companies; that generated an estimated $17 million in illicit revenue, according to the Department of Justice. In late 2023, some 90 laptops were seized from her home.
North Korean fraudsters, however, aren't the only threat facing businesses, academic institutions, and government agencies.
"We're seeing more adversary activity every single day," Meyers says. "There are more and more threat actors engaging in this, and it's not just criminals or hacktivists. We're also seeing more nation states."
Although North Korea's attacks may be among the most attention-grabbing, Meyers says China is probably the number-one threat out there for any Western organization. In the past year, CrowdStrike noted a 40 percent jump in cloud intrusions that it attributed to China-related adversaries. Cloud intrusions overall jumped about 136 percent in the first half of 2025, versus all of the previous year, according to the report.
Although the tech industry is the most targeted industry overall, Chinese adversaries substantially ramped up attacks on the telecom sector within the past year, according to the report.
"The telecommunications sector is a high-value target for nation-state adversaries, providing access to subscriber and organizational data that supports their intelligence collection and counterintelligence efforts," the report states.
As technology becomes more sophisticated, it may seem overwhelming for organizations trying to keep attackers at bay. Meyers counseled individuals on security teams to fight back using the very same tools that bad actors are using.
"Generative AI was being used by these threat actors, but it could also be used by the good guys to have more effective defenses," he says. "We have that capability in some of [CrowdStrike's] products, but you can use generative AI to kind of scale up those capabilities within the security team."
He also recommended that organizations be proactive, rather than reactive, to threats.
"If you wait for bad stuff to show itself, it's going to be too late," he says. "Probably one of the biggest takeaways is that you need to have threat hunting."
Just over a year ago, a CrowdStrike update precipitated what has since been called one of history's biggest IT failures. A buggy security update caused Windows devices to crash, affecting a broad swathe of companies in banking, health care, and aviation, among others. Delta Air Lines was notably affected and is suing CrowdStrike, alleging the outage caused as many as 7,000 flight cancellations and as much as $550 million in lost revenue and other expenses, Reuters reported.