Cyber Threat Forecast 2025 Part One - North America



Part 1 of a 4-part series that will forecast the international cyber threat landscape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs.


North American Cyber Threat Landscape

With 2025 having kicked off with Donald Trump re-entering the White House as the 47th President of the United States, threat actors from opposing nation-states will likely leverage cyberspace in retaliation.

Additionally, due to supply chains, as well as President Trump hinting at the idea that Canada should join the US as the ‘51st state’, these cyber threats will also likely have a ripple effect further north. 

As a result, both public and private sector organisations must prepare to prioritise risk management strategies to combat a variety of threat actor activities. 

United States of America 

Trump’s China Hawks To Confront Beijing

President Trump has established a cabinet consisting of China hawks that will likely result in increased tensions between Beijing and Washington for years to come. In 2025, this will likely carry over into cyberspace, with Chinese espionage actors seeking to collect intelligence on the diplomatic relations between the US and Taiwan as well as to gather data on the recently formed US-Japan-Philippines alliance, with the US aiming to push back against China’s territorial claims in the South China Sea.

With the imminent deadline of the ‘Made in China 2025’ programme on the horizon, Chinese nation-state-sponsored espionage and intellectual property (IP) theft pursuits will likely ramp up against the technology and manufacturing sectors with the Chinese government seeking to bring innovative technology to global markets.

These campaigns will likely be intensified with the Trump Administration intending to implement tariffs targeting imported Chinese technology products. 

Chinese nation-state adversaries, such as Volt Typhoon, will also likely pivot to a more destructive posture by attempting to sabotage Western critical sectors. These attacks will likely carry the objective of pre-positioning cyber exploitation and attack capabilities within Western networks to prepare for future hostilities with the US and to disrupt communication infrastructure between Washington and East Asia during any future crisis.

Taiwan will likely remain a prime focus of Chinese IP theft to undermine the ‘Silicon Shield’ defensive strategy. However, the US technology sector will likely be caught in the crossfire of these IP extraction campaigns, with the Taiwan Semiconductor Manufacturing Company (TSMC) set to build its silicon chips in three factories currently under construction in Arizona, following TSMC receiving a pledge of government subsidy as part of the 2022 Chips and Science Act.

Chinese nation-state threat actors will likely continue targeting network infrastructure of nations in the South China Sea region to collect intelligence on military exercises and national policy. With China’s ‘nine-dash-line’ claims being heavily criticised by the White House, Chinese espionage actors will likely target the US government and telecommunication sectors to gauge Washington’s foreign policy strategies. This cyber activity will likely be aggravated following the strengthened trilateral relations between the US, Japan, and the Philippines, with these states discussing key topics including the Taiwan Relations Act obligating Washington to provide weapons to defend Taipei as well as the Philippines and Japan being US defence treaty allies.

Iranian Sanctions Increasing Global Cyber Risk

Cyber espionage sponsored by the Iranian regime will likely seek to collect intelligence on US foreign policy regarding the Joint Comprehensive Plan of Action (JCPoA) as well as to gauge the position of the US government’s support of Israel against Iran’s Axis of Resistance proxies throughout the Middle East. 

This will also likely expand to include the US finance sector in retaliation to President Trump, who has voiced his intention to enforce further sanctions against Iran, mirroring the ‘maximum pressure’ policy that was applied during the previous Republican Party administration.

Cyber Threat Actors To Capitalise On Uncertainties Within NATO?

Based on statements leading up to the 2024 US presidential election, the Republican Party Presidency raises concerns about the future of US support for NATO and Ukraine. While it is unlikely that the US will abandon NATO under the administration, there is a realistic possibility that Europe could see the US shift focus domestically, leaving the continent to face off against Russia in a weakened condition both militarily and in cyberspace.

Russian cyber espionage will likely surge against US government networks throughout the early months of 2025 with Russian threat actors likely to gather intelligence on the Trump Administration’s intentions of ending the war in Ukraine.  

Canada

US-China Tensions To Impact Canadian Companies?

The Canadian Centre for Cyber Security (CCCS) recently disclosed that Chinese nation-state-sponsored threat actors have compromised at least 20 Canadian government networks over the past four years, with the objectives of espionage, IP theft, influence operations, as well as the repression of diaspora communities.  

Due to the ongoing diplomatic strains between Canada and China, these cyber threat activities will continue to pose a threat to high-profile organisations and citizens alike. As an example of the latter, Chinese state actors will likely perform surveillance on advocates for Taiwanese and Hong Kong independence as well as Tibetan pro-democracy activists who are present within Canada’s borders.

However, due to the integration of critical infrastructure throughout North America, China’s increasingly disruptive cyber posture in response to rising tensions with the US will likely impact Canada’s networks.

Further, Canada’s innovative research infrastructure, as well as increasing economic tensions over bilateral trade, will also likely present motivation for Chinese espionage actors to target the country’s network infrastructure to bolster Beijing’s strategic objectives.

To Be Continued:

Image: MikeyGen73

Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.
