What Microsoft's 2025 Report Reveals About The New Rules Of Engagement In Cyberdefense
Microsoft, Friday, October 24th, 2025
Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in which criminal and state-backed actors blurred the lines between cybercrime, espionage, and disruption, targeting public and private sectors.
The report shows that most breaches begin with stolen or guessed passwords. More than 97% of identity-based attacks rely on password spray or brute-force techniques. While MFA blocks most attempts, many organizations have coverage gaps, particularly for service accounts and non-human identities.
In the first half of 2025, identity-based attacks rose by 32%. Research and academia were hit hardest, driven by open networks and decentralized IT systems. Attackers increasingly target workload identities, applications, scripts, and cloud services that hold elevated privileges but are often less protected than user accounts.