THE CYBER INTERVIEW

networks . “ These tools are harder for threat hunters to detect and indict as they may be an authorised user conducting system maintenance ,” Adam notes .

Cloud-based attacks have risen by 75 % in the past year , while interactive intrusions have increased by 55 % as criminals move away from automated attacks . “ What ’ s notable is that these intrusions aren ’ t fully automated ; human operators actively engage with compromised systems to blend in as legitimate users and bypass security controls to maximise their gains ,” he explains .

This evolution in attack methods requires a corresponding change in defence strategies . “ Relying solely on reactive measures or traditional defences isn ’ t enough anymore . Threat hunting allows organisations to go out and meet the adversary when they make contact : the closer you can get to the initial intrusion , the faster you can stop the adversary .”

Peak attack periods identified in industry sectors Analysis by Adam ’ s team has identified seasonal patterns in cyber criminal activity , with peak periods during the third and fourth quarters . Threat actors have begun targeting edge devices with vulnerabilities , while ransomware operators focus on unmanaged systems and hypervisors .

And looking forward , the emergence of AI and machine learning presents new challenges for cybersecurity teams .

THREAT HUNTING REPORT FOUND HANDS-ON-KEYBOARD INTRUSIONS INCREASED BY

WHILE REMOTE MONITORING AND MANAGEMENT ( RMM ) ADVERSARIAL TOOL ABUSE GREW BY

“ One trend we ’ re closely monitoring is the increasing use of AI and machine learning by adversaries ,” he notes . “ Just as defenders are leveraging these technologies , attackers are too .

“ We ’ re beginning to see threat actors use AI to automate tasks like phishing campaigns and penetration testing . The pace at which adversaries are evolving is unprecedented and organisations must continue to invest in intelligence-driven security .”

104 March 2025