Since the beginning of 2025, hackers have switched to complex attacks and espionage against Russian companies in the industrial and telecommunications sectors. Previously, they attacked online resources and IT infrastructure to disrupt their operation, Solar Group said.
Since the beginning of 2025, hackers have changed the targets of attacks in industry and telecom. If earlier they carried out powerful and prolonged cyberattacks to disrupt the operation of online resources and IT infrastructure of companies, now they have switched to cyber espionage and complex targeted attacks.
Experts report that in the first quarter of 2025, the number of cyberattacks per organization increased by 3.2 times compared to the fourth quarter of 2024. In industry, this figure increased even fivefold: there were more than 200 incidents per enterprise.
In the first quarter of 2025, hackers also became more active in cyber espionage. In particular, the number of data theft programs (stealers) detected at industrial enterprises increased by 24 percentage points and reached 40%. Indicators of APT groups (hackers who conduct long-term cyberattacks on specific targets) also became more common: their share increased by 4 percentage points and amounted to 19%.
Remote access tools accounted for 21% of the market, botnets - 9%, and ransomware - 4%. The remaining threats in the industry are represented by miners and phishing.
In telecom, the greatest threat is posed by APT groups. They accounted for 58% of incidents, which is 10% more than in the fourth quarter of 2024. Remote access tools rank second (27%), and stealers rank third (8%). The remaining 7% are distributed between botnets, miners, phishing and ransomware.
If earlier hackers often used ransomware to completely destroy the data obtained, this year they are making more attacks for espionage and penetration into the infrastructure, in order to then strike at the most convenient moment.
In the first quarter of 2025, hackers stole more than 21.5 million phone numbers and 17 million email addresses of Russians. Most leaks occurred in logistics companies. Information and entertainment resources were in second and third places. Interestingly, at the beginning of last year, banks suffered the most.
Read more materials on the topic:
All professions are important: will the activities of hackers be legalized?
Hackers can crack passwords up to seven characters in seconds
Hackers often use legitimate software in attacks to disguise themselves from antiviruses
