Cyber Threat Forecast 2025 Part One - North America

Uploaded on 2025-01-22 in INTELLIGENCE--International, FREE TO VIEW, INTELLIGENCE-Hot Spots-China

Cyber Threat Forecast 2025 - Part One - North America

Part 1 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

North American Cyber Threat Landscape

With 2025 having kicked off with Donald Trump re-entering the White House as the 47th President of the United States, threat actors from opposing nation-states will likely leverage cyberspace in retaliation.

Additionally, due to supply chains, as well as President Trump hinting at the idea that Canada should join the US as the ‘51st state’, these cyber threats will also likely have a ripple effect further north. 

As a result, both public and private sector organisations must prepare to prioritise risk management strategies to combat a variety of threat actor activities. 

United States of America 

Tump’s China Hawks To Confront Beijing

President Trump has established a cabinet consisting of China hawks that will likely result in increased tensions between Beijing and Washington for years to come. In 2025, this will likely transition into cyberspace by Chinese espionage actors seeking to collect intelligence on the diplomatic relations between the US and Taiwan as well as to gather data on the recently formed US-Japan-Philippines alliance with the US aiming to push back against China’s territorial claims in the South China Sea. 

With the imminent deadline of the ‘Made in China 2025’ programme on the horizon, Chinese nation-state-sponsored espionage and intellectual property (IP) theft pursuits will likely ramp up against the technology and manufacturing sectors with the Chinese government seeking to bring innovative technology to global markets.

These campaigns will likely be intensified with the Trump Administration intending to implement tariffs targeting imported Chinese technology products. 

Chinese nation-state adversaries, such as Volt Typhoon, will also likely pivot to a more destructive posture by attempting to sabotage Western critical sectors. These attacks will likely carry the objective of pre-positioning cyber exploitation and attack capabilities within Western networks to prepare for future hostilities with the US and to disrupt communication infrastructure between Washington and East Asia during any future crisis.

Taiwan will likely remain a prime focus of Chinese IP theft to undermine the ‘Silicon Shield’ defensive strategy. However, the US technology sector will likely be caught in the crossfire of these IP extraction campaigns with the Taiwan Semiconductor Manufacturing Company (TSMC) set to build its silicon chips in three factories currently under construction in Arizona following TSMC receiving a pledge in government subsidy as part of the 2022 Chips and Science Act.

Chinese nation-state threat actors will likely continue targeting network infrastructure of nations in the South China Sea region to collect intelligence on military exercises and national policy. With China’s ‘nine-dash-line’ claims being heavily criticised by the White House, Chinese espionage actors will likely target the US government and telecommunication sectors to gauge Washington’s foreign policy strategies.  This cyber activity will likely be aggravated following the strengthened trilateral relations between the US, Japan, and the Philippines, with these states discussing key topics including the Taiwan Relations Act obligating Washington to provide weapons to defend Taipei as well as the Philippines and Japan being US defence treaty allies.

Iranian Sanctions Increasing Global Cyber Risk

Cyber espionage sponsored by the Iranian regime will likely seek to collect intelligence on US foreign policy regarding the Joint Comprehensive Plan of Action (JCPoA) as well as to gauge the position of the US government’s support of Israel against Iran’s Axis of Resistance proxies throughout the Middle East. 

This will also likely expand to include the US finance sector in retaliation to President Trump, who has voiced his intention to enforce further sanctions against Iran, mirroring the ‘maximum pressure’ policy that was applied during the previous Republican Party administration.

Cyber Threat Actors To Capitalise On Uncertainties Within NATO?

Based on statements leading up to the 2024 US presidential election, the Republican Party Presidency raises concerns about the future of US support for NATO and Ukraine. While it is unlikely that the US will abandon NATO under the administration, there is a realistic possibility that Europe could see the US shift focus domestically, leaving the continent to face off against Russia in a weakened condition both militarily and in cyberspace.

Russian cyber espionage will likely surge against US government networks throughout the early months of 2025 with Russian threat actors likely to gather intelligence on the Trump Administration’s intentions of ending the war in Ukraine.  

Canada

US-China Tensions To Impact Canadian Companies?

The Canadian Centre for Cyber Security (CCCS) recently disclosed that Chinese nation-state-sponsored threat actors have compromised at least 20 Canadian government networks over the past four years, with the objectives of espionage, IP theft, influence operations, as well as the repression of diaspora communities.  

Due to the ongoing diplomatic strains between Canada and China, these cyber threat activities will continue to pose a threat to high-profile organisations and citizens alike. An example of the latter would be Chinese state actors likely to perform surveillance on advocates for Taiwanese and Hong Kong independence as well as Tibetan pro-democracy activists that are present within the Canadian borders.

However, due to the integration of critical infrastructure throughout North America, China’s increasingly disruptive cyber posture in response to rising tensions with the US, will likely impact Canada’s networks. 

Further, Canada’s innovative research infrastructure, as well as economic tensions increasing based on bilateral trade, will also likely present motivation for Chinese espionage actors to target the country’s network infrastructure to bolster Beijing’s strategic objectives. 

To Be Continued:

Image: MikeyGen73

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Balancing Progress & Protection In Britain's Public Services
The Rising Threat Of Biometric Breaches & Stolen Data »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Fidelis Security

Fidelis Security

Fidelis Security is a leading provider of extended threat detection and response (XDR) solutions for your security operations.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

Sigma Payment Solutions

Sigma Payment Solutions

Sigma Payment Solutions offers a comprehensive suite of automated payment processing services, solutions, and technology to businesses in the USA.

Intertek Group

Intertek Group

Intertek Group provides Assurance, Testing, Inspection and Certification services. Activities include cybersecurity testing and certification.

Sentropi

Sentropi

Sentropi is an online protection solution against charge backs, account takeovers, identity thefts and online scams.

Avansic

Avansic

Avansic is a leading provider of e-discovery and digital forensics services to attorneys, litigation support teams, and business communities.

Global Security Network (GSN)

Global Security Network (GSN)

GSN focuses on specialized IT Security solutions & services for the military, law enforcement, critical infrastructure and oil & gas sectors in the Middle East.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

ISA Global Cybersecurity Alliance (ISAGCA)

ISA Global Cybersecurity Alliance (ISAGCA)

Objectives of the ISA Global Cybersecurity Alliance include the acceleration and expansion of standards, certification, education programs, advocacy efforts, and thought leadership.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Votiro

Votiro

Votiro is an award-winning cybersecurity company that specializes in file sanitization, ensuring every organization is safe from zero-day and undisclosed attacks.

Infoline Tec Group Berhad

Infoline Tec Group Berhad

Infoline Tec Group Berhad is principally involved in providing IT infrastructure solutions, cybersecurity service provider and solutions, managed IT and other IT services.

iNovex

iNovex

iNovex is a community of innovators that work together to solve hard problems. We partner with you to meet problems head-on and push boundaries with technology solutions.

ImagineX Consulting

ImagineX Consulting

ImagineX Consulting is a cybersecurity-focused boutique technology consultancy whose mission is to help our clients #BeBetter by reducing their corporate risk.

Ryan Financial Lines

Ryan Financial Lines

Ryan Financial Lines Cyber provides risk transfer solutions for complex cyber and technology exposures, globally.