Cyber Threat Forecast 2025 Part One - North America

Uploaded on 2025-01-22 in INTELLIGENCE--International, FREE TO VIEW, INTELLIGENCE-Hot Spots-China

Cyber Threat Forecast 2025 - Part One - North America

Part 1 of a 4-part  series that will forecast the international cyber threat landsape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs. 

North American Cyber Threat Landscape

With 2025 having kicked off with Donald Trump re-entering the White House as the 47th President of the United States, threat actors from opposing nation-states will likely leverage cyberspace in retaliation.

Additionally, due to supply chains, as well as President Trump hinting at the idea that Canada should join the US as the ‘51st state’, these cyber threats will also likely have a ripple effect further north. 

As a result, both public and private sector organisations must prepare to prioritise risk management strategies to combat a variety of threat actor activities. 

United States of America 

Tump’s China Hawks To Confront Beijing

President Trump has established a cabinet consisting of China hawks that will likely result in increased tensions between Beijing and Washington for years to come. In 2025, this will likely transition into cyberspace by Chinese espionage actors seeking to collect intelligence on the diplomatic relations between the US and Taiwan as well as to gather data on the recently formed US-Japan-Philippines alliance with the US aiming to push back against China’s territorial claims in the South China Sea. 

With the imminent deadline of the ‘Made in China 2025’ programme on the horizon, Chinese nation-state-sponsored espionage and intellectual property (IP) theft pursuits will likely ramp up against the technology and manufacturing sectors with the Chinese government seeking to bring innovative technology to global markets.

These campaigns will likely be intensified with the Trump Administration intending to implement tariffs targeting imported Chinese technology products. 

Chinese nation-state adversaries, such as Volt Typhoon, will also likely pivot to a more destructive posture by attempting to sabotage Western critical sectors. These attacks will likely carry the objective of pre-positioning cyber exploitation and attack capabilities within Western networks to prepare for future hostilities with the US and to disrupt communication infrastructure between Washington and East Asia during any future crisis.

Taiwan will likely remain a prime focus of Chinese IP theft to undermine the ‘Silicon Shield’ defensive strategy. However, the US technology sector will likely be caught in the crossfire of these IP extraction campaigns with the Taiwan Semiconductor Manufacturing Company (TSMC) set to build its silicon chips in three factories currently under construction in Arizona following TSMC receiving a pledge in government subsidy as part of the 2022 Chips and Science Act.

Chinese nation-state threat actors will likely continue targeting network infrastructure of nations in the South China Sea region to collect intelligence on military exercises and national policy. With China’s ‘nine-dash-line’ claims being heavily criticised by the White House, Chinese espionage actors will likely target the US government and telecommunication sectors to gauge Washington’s foreign policy strategies.  This cyber activity will likely be aggravated following the strengthened trilateral relations between the US, Japan, and the Philippines, with these states discussing key topics including the Taiwan Relations Act obligating Washington to provide weapons to defend Taipei as well as the Philippines and Japan being US defence treaty allies.

Iranian Sanctions Increasing Global Cyber Risk

Cyber espionage sponsored by the Iranian regime will likely seek to collect intelligence on US foreign policy regarding the Joint Comprehensive Plan of Action (JCPoA) as well as to gauge the position of the US government’s support of Israel against Iran’s Axis of Resistance proxies throughout the Middle East. 

This will also likely expand to include the US finance sector in retaliation to President Trump, who has voiced his intention to enforce further sanctions against Iran, mirroring the ‘maximum pressure’ policy that was applied during the previous Republican Party administration.

Cyber Threat Actors To Capitalise On Uncertainties Within NATO?

Based on statements leading up to the 2024 US presidential election, the Republican Party Presidency raises concerns about the future of US support for NATO and Ukraine. While it is unlikely that the US will abandon NATO under the administration, there is a realistic possibility that Europe could see the US shift focus domestically, leaving the continent to face off against Russia in a weakened condition both militarily and in cyberspace.

Russian cyber espionage will likely surge against US government networks throughout the early months of 2025 with Russian threat actors likely to gather intelligence on the Trump Administration’s intentions of ending the war in Ukraine.  

Canada

US-China Tensions To Impact Canadian Companies?

The Canadian Centre for Cyber Security (CCCS) recently disclosed that Chinese nation-state-sponsored threat actors have compromised at least 20 Canadian government networks over the past four years, with the objectives of espionage, IP theft, influence operations, as well as the repression of diaspora communities.  

Due to the ongoing diplomatic strains between Canada and China, these cyber threat activities will continue to pose a threat to high-profile organisations and citizens alike. An example of the latter would be Chinese state actors likely to perform surveillance on advocates for Taiwanese and Hong Kong independence as well as Tibetan pro-democracy activists that are present within the Canadian borders.

However, due to the integration of critical infrastructure throughout North America, China’s increasingly disruptive cyber posture in response to rising tensions with the US, will likely impact Canada’s networks. 

Further, Canada’s innovative research infrastructure, as well as economic tensions increasing based on bilateral trade, will also likely present motivation for Chinese espionage actors to target the country’s network infrastructure to bolster Beijing’s strategic objectives. 

To Be Continued:

Image: MikeyGen73

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.

You Might Also Read: 

Trump 2.0: Cyberwarfare To Reach New Heights:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Balancing Progress & Protection In Britain's Public Services
The Rising Threat Of Biometric Breaches & Stolen Data »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TenIntelligence

TenIntelligence

TenIntelligence provides due diligence, brand protection and fraud investigation services including digital forensics.

VTT Technical Research Centre of Finland

VTT Technical Research Centre of Finland

VTT is the leading research and technology company in the Nordic countries. Areas of activity include cyber security.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

Kymatio

Kymatio

Kymatio are pioneers in Artificial Intelligence applied to adaptive staff strengthening, cultural change and predictive internal risk analysis.

Korn Ferry

Korn Ferry

Korn Ferry is a global organizational consulting firm, synchronizing strategy and talent to drive superior performance for our clients in key areas including cybersecurity.

DataViper

DataViper

DataViper is a threat intelligence platform designed for organizations, investigators, and law enforcement.

Adaptive Shield

Adaptive Shield

Addaptive Shield - Complete Control For Your SaaS Security. Proactively find and fix weaknesses across your SaaS platforms.

Robert Walters

Robert Walters

Robert Walters is one of the world's leading global specialist professional recruitment and recruitment process outsourcing consultancies.

nexSecurity

nexSecurity

neXSecurity is an IT and Information security consulting company with more than 2 decades worth of software development and security experience.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

Mitigo Group

Mitigo Group

Mitigo offers a well considered and effective approach to keeping businesses completely secure from any digital attacks.

AT&T Cybersecurity

AT&T Cybersecurity

AT&T Cybersecurity’s Edge-to-Edge technologies provide threat intelligence, collaborative defense, security without the seams, and solutions that fit your business.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.

Cakewalk

Cakewalk

Cakewalk is the new standard in easy Access Control. Trusted by IT & Security teams. Loved by employees.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.