HPE report details industrialisation of cybercrime in 2025
New findings from HPE highlight five key drivers of the modern threat landscape and recommend self-driving network paradigms for defence.
HPE Threat Labs has released its In the Wild Report, documenting a significant shift in cybercriminal operations throughout 2025. The analysis indicates that criminal groups have industrialised their methods, adopting professional corporate hierarchies and utilising automation and artificial intelligence to exploit longstanding vulnerabilities with greater scale, speed, and structure.
The report identifies five primary factors influencing the contemporary cybersecurity landscape. These include enterprise reliance on digital networks, financial constraints on security budgets, complex multivendor IT environments, unpredictable geopolitics, and specific targeted sectors. These factors are described as distinct but often interdependent, creating a nuanced environment that complicates the planning and execution of effective security strategies.
Government emerged as the most frequently targeted sector globally in 2025, followed by finance, technology, defence, and manufacturing. The report suggests that the prevailing global geopolitical and economic situation may accelerate nation-state-linked espionage and organised crime motivated by extortion and theft.
Internal pressures also play a critical role. While enterprises have undergone digital transformation, increasing reliance on networks has raised expectations for performance and security. However, this is often contradicted by financial constraints that limit the ability of CISOs and CIOs to fund adequate defensive latticework. Additionally, the move away from single-vendor solutions has created complex, multivendor environments that are harder to monitor and protect.
To address these challenges, HPE recommends adopting self-driving network paradigms. This approach utilises built-in security capabilities rather than bolted-on layers, allowing AI-driven platforms to manage security policy enforcement and threat monitoring on a 24/7 basis. The report asserts that such automation can help enterprises overcome sophisticated attacks while simplifying IT oversight.
