{"id":241,"date":"2025-02-27T08:01:22","date_gmt":"2025-02-27T08:01:22","guid":{"rendered":"https:\/\/www.techrepublic.com\/?p=4293835"},"modified":"2025-02-27T08:01:22","modified_gmt":"2025-02-27T08:01:22","slug":"crowdstrike-security-report-generative-ai-powers-social-engineering-attacks","status":"publish","type":"post","link":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/","title":{"rendered":"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/02\/tr_20250226-crowdstrike-2025-global-threat-report.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Phishing was no longer as common in 2024 as before, according to CrowdStrike\u2019s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks.<\/p>\n<p>We\u2019re well within the era of what cybersecurity technology CrowdStrike called \u201cthe enterprising adversary,\u201d with malware-as-a-service and criminal ecosystems replacing the old-fashioned image of the lone threat actor. Attackers are also using legitimate remote management and monitoring tools where they might once have chosen malware.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Threat_actors_take_advantage_of_generative_AI\"><\/span>Threat actors take advantage of generative AI<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Threat actors are using generative AI to craft <a href=\"https:\/\/www.techrepublic.com\/article\/darktrace-threat-report\/\">phishing emails<\/a> and carry out other social engineering attacks. CrowdStrike found threat actors using generative AI to:<\/p>\n<ul>\n<li>Create fictitious LinkedIn profiles in hiring schemes such as those carried out by North Korea.<\/li>\n<li>Create deepfake video and voice clones to commit fraud.<\/li>\n<li>Spread disinformation on social media.<\/li>\n<li>Create spam email campaigns.<\/li>\n<li>Write code and shell commands.<\/li>\n<li>Write exploits.<\/li>\n<\/ul>\n<p>Some threat actors pursued gaining access to the LLMs themselves, particularly models hosted on Amazon Bedrock.<\/p>\n<aside class=\"pinbox right\">\n<h3 class=\"heading\">Must-read security coverage<\/h3>\n<\/aside>\n<h2><span class=\"ez-toc-section\" id=\"CrowdStrike_highlighted_nation-state_actors_associated_with_China_and_North_Korea\"><\/span>CrowdStrike highlighted nation-state actors associated with China and North Korea<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>China remains the nation-state to watch, with even new China-nexus groups emerging in 2025 and a 150% increase in cyberespionage operations. Highly targeted industries including financial services, media, manufacturing and engineering saw increases of up to 300%. Chinese adversaries increased their tempo in 2024 compared to 2023, CrowdStrike said.<\/p>\n<p>North Korean threat actors conducted high-profile activities, including IT worker scams intended to raise money.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Threat_actors_favor_points_of_entry_that_look_like_legitimate_behavior\"><\/span>Threat actors favor points of entry that look like legitimate behavior<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Malware isn\u2019t necessary for 79% of attacks, CrowdStrike said; instead, identity or access theft attacks use legitimate accounts to compromise their targets.<\/p>\n<p>Valid accounts were a primary means for attackers to launch cloud intrusions in 2024; in fact, valid accounts were the initial vector for 35% of cloud incidents in the first half of the year.<\/p>\n<p>Interactive intrusion, an attack technique in which an attacker mimics or social engineers a person into performing legitimate-looking keyboard inputs, is on the rise. Attackers might trick legitimate users through social engineering performed over the phone, such as posting as IT help desk staff (often spoofing Microsoft) or asking for a fake fee or overdue payment.<\/p>\n<p>CrowdStrike recommended the following in order to prevent help desk social engineering:<\/p>\n<ul>\n<li>Require video authentication with government identification for employees who call to request self-service password resets.<\/li>\n<li>Train help desk employees to exercise caution when taking password and MFA reset request phone calls made outside of business hours, or when they receive a high number of requests in a short time frame.<\/li>\n<li>Use non-push-based authentication factors such as FIDO2 to prevent account compromise.<\/li>\n<li>Monitor for more than one user registering the same device or phone number for MFA.<\/li>\n<\/ul>\n<p><strong>SEE: Only 6% of security researchers and practitioners surveyed by CrowdStrike in December 2024 actively <a href=\"https:\/\/www.techrepublic.com\/article\/crowdstrike-ai-survey-cybersecurity-trends\/\">used generative AI<\/a>.<\/strong><\/p>\n<p>Information disclosure can be a double-edged sword: Some attackers researched \u201cpublicly available vulnerability research \u2014 such as disclosures, technical blogs, and proof-of-concept (POC) exploits \u2014 to aid their malicious activity,\u201d CrowdStrike wrote.<\/p>\n<p>Last year, there was a rise in access brokers, who specialize in selling breached access to ransomware makers or other threat actors. Advertised accesses increased by almost 50% compared to 2023.<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Tips_for_securing_your_organization\"><\/span>Tips for securing your organization<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>CrowdStrike said organizations should:<\/p>\n<ul>\n<li>Be sure their entire identity system is covered under phishing-resistant MFA solutions.<\/li>\n<li>Remember the cloud is core infrastructure, and defend it as such.<\/li>\n<li>Deploy modern detection and response strategies.<\/li>\n<li>Regularly patch or upgrade critical systems.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Phishing was no longer as common in 2024 as before, according to CrowdStrike\u2019s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We\u2019re well within the era of what cybersecurity technology CrowdStrike called \u201cthe enterprising adversary,\u201d with [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":242,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-241","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog\" \/>\n<meta property=\"og:description\" content=\"Phishing was no longer as common in 2024 as before, according to CrowdStrike\u2019s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We\u2019re well within the era of what cybersecurity technology CrowdStrike called \u201cthe enterprising adversary,\u201d with [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"TecnoArtesanos Tech Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-02-27T08:01:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.techrepublic.com\/uploads\/2025\/02\/tr_20250226-crowdstrike-2025-global-threat-report.jpg\" \/>\n<meta name=\"author\" content=\"Sergio Morales\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Sergio Morales\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/\",\"name\":\"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg\",\"datePublished\":\"2025-02-27T08:01:22+00:00\",\"author\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg\",\"contentUrl\":\"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg\",\"width\":1400,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.tecnoartesanos.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#website\",\"url\":\"https:\/\/blog.tecnoartesanos.com\/\",\"name\":\"TecnoArtesanos Tech Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.tecnoartesanos.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807\",\"name\":\"Sergio Morales\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g\",\"caption\":\"Sergio Morales\"},\"sameAs\":[\"https:\/\/sergiomorales.space\"],\"url\":\"https:\/\/blog.tecnoartesanos.com\/index.php\/author\/sergiomorales\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/","og_locale":"en_US","og_type":"article","og_title":"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog","og_description":"Phishing was no longer as common in 2024 as before, according to CrowdStrike\u2019s 2025 Global Threat Report. Threat actors trend toward accessing legitimate accounts through social engineering techniques like voice phishing (vishing), callback phishing, and help desk social engineering attacks. We\u2019re well within the era of what cybersecurity technology CrowdStrike called \u201cthe enterprising adversary,\u201d with [&hellip;]","og_url":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/","og_site_name":"TecnoArtesanos Tech Blog","article_published_time":"2025-02-27T08:01:22+00:00","og_image":[{"url":"https:\/\/assets.techrepublic.com\/uploads\/2025\/02\/tr_20250226-crowdstrike-2025-global-threat-report.jpg","type":"","width":"","height":""}],"author":"Sergio Morales","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Sergio Morales","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/","url":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/","name":"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks - TecnoArtesanos Tech Blog","isPartOf":{"@id":"https:\/\/blog.tecnoartesanos.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage"},"image":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg","datePublished":"2025-02-27T08:01:22+00:00","author":{"@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807"},"breadcrumb":{"@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#primaryimage","url":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg","contentUrl":"https:\/\/blog.tecnoartesanos.com\/wp-content\/uploads\/2025\/03\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks.jpg","width":1400,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/blog.tecnoartesanos.com\/index.php\/2025\/02\/27\/crowdstrike-security-report-generative-ai-powers-social-engineering-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.tecnoartesanos.com\/"},{"@type":"ListItem","position":2,"name":"CrowdStrike Security Report: Generative AI Powers Social Engineering Attacks"}]},{"@type":"WebSite","@id":"https:\/\/blog.tecnoartesanos.com\/#website","url":"https:\/\/blog.tecnoartesanos.com\/","name":"TecnoArtesanos Tech Blog","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.tecnoartesanos.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/ec88bc1410fd158963717c4216f04807","name":"Sergio Morales","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.tecnoartesanos.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3d45178fc8fbbe32d39278bc504fa9093f947f406ff4f1ddcfa27505ab772184?s=96&d=mm&r=g","caption":"Sergio Morales"},"sameAs":["https:\/\/sergiomorales.space"],"url":"https:\/\/blog.tecnoartesanos.com\/index.php\/author\/sergiomorales\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts\/241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/comments?post=241"}],"version-history":[{"count":0,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/posts\/241\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/media\/242"}],"wp:attachment":[{"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/media?parent=241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/categories?post=241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.tecnoartesanos.com\/index.php\/wp-json\/wp\/v2\/tags?post=241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}