What's Happening?
In 2025, the high-tech sector became the most targeted industry for cyber-attacks, surpassing financial services, according to Mandiant's latest incident response data. High-tech companies accounted for 17% of all investigations, while the financial sector represented
14.6%. The report highlights a shift in threat actor focus, with business and professional services and healthcare also being heavily targeted. Mandiant and Google Threat Intelligence Group identified 83 malicious cyber campaigns and eight global cyber events in 2025, affecting organizations across 73 countries. The global median dwell time, the period an attacker remains undetected in a system, increased from 11 to 14 days, driven by North Korean-linked cyber espionage campaigns.
Why It's Important?
The shift in cyber-attack focus from financial services to the high-tech sector underscores the evolving landscape of cybersecurity threats. This change highlights the need for robust security measures across all sectors, as threat actors adapt their strategies. The increase in dwell time suggests that attackers are becoming more sophisticated, remaining undetected for longer periods. This poses significant risks to U.S. industries, as prolonged undetected breaches can lead to substantial data loss and financial damage. The report emphasizes the importance of continuous monitoring and advanced threat detection to mitigate these risks.
What's Next?
Organizations in the high-tech sector and other targeted industries must enhance their cybersecurity strategies to address the evolving threat landscape. This includes investing in advanced threat detection technologies and improving incident response capabilities. As threat actors continue to adapt, businesses must remain vigilant and proactive in their cybersecurity efforts. Collaboration between industries and government agencies will be crucial in developing effective defense strategies against these sophisticated cyber threats.
