Cyber Threat Forecast 2025 Part One - North America



Part 1 of a 4-part series that will forecast the international cyber threat landscape in 2025, beginning with North America, then India, Criminal / Hacktivist Activity, then Nation-State / Foreign Affairs.


North American Cyber Threat Landscape

With 2025 having kicked off with Donald Trump re-entering the White House as the 47th President of the United States, threat actors from opposing nation-states will likely leverage cyberspace in retaliation.

Additionally, due to supply chains, as well as President Trump hinting at the idea that Canada should join the US as the ‘51st state’, these cyber threats will also likely have a ripple effect further north. 

As a result, both public and private sector organisations must prepare to prioritise risk management strategies to combat a variety of threat actor activities. 

United States of America 

Trump’s China Hawks To Confront Beijing

President Trump has established a cabinet consisting of China hawks that will likely result in increased tensions between Beijing and Washington for years to come. In 2025, this will likely transition into cyberspace by Chinese espionage actors seeking to collect intelligence on the diplomatic relations between the US and Taiwan as well as to gather data on the recently formed US-Japan-Philippines alliance with the US aiming to push back against China’s territorial claims in the South China Sea. 

With the imminent deadline of the ‘Made in China 2025’ programme on the horizon, Chinese nation-state-sponsored espionage and intellectual property (IP) theft pursuits will likely ramp up against the technology and manufacturing sectors with the Chinese government seeking to bring innovative technology to global markets.

These campaigns will likely be intensified with the Trump Administration intending to implement tariffs targeting imported Chinese technology products. 

Chinese nation-state adversaries, such as Volt Typhoon, will also likely pivot to a more destructive posture by attempting to sabotage Western critical sectors. These attacks will likely carry the objective of pre-positioning cyber exploitation and attack capabilities within Western networks to prepare for future hostilities with the US and to disrupt communication infrastructure between Washington and East Asia during any future crisis.

Taiwan will likely remain a prime focus of Chinese IP theft to undermine the ‘Silicon Shield’ defensive strategy. However, the US technology sector will likely be caught in the crossfire of these IP extraction campaigns with the Taiwan Semiconductor Manufacturing Company (TSMC) set to build its silicon chips in three factories currently under construction in Arizona, following TSMC receiving a pledge of government subsidy as part of the 2022 Chips and Science Act.

Chinese nation-state threat actors will likely continue targeting network infrastructure of nations in the South China Sea region to collect intelligence on military exercises and national policy. With China’s ‘nine-dash-line’ claims being heavily criticised by the White House, Chinese espionage actors will likely target the US government and telecommunication sectors to gauge Washington’s foreign policy strategies. This cyber activity will likely be aggravated following the strengthened trilateral relations between the US, Japan, and the Philippines, with these states discussing key topics including the Taiwan Relations Act obligating Washington to provide weapons to defend Taipei as well as the Philippines and Japan being US defence treaty allies.

Iranian Sanctions Increasing Global Cyber Risk

Cyber espionage sponsored by the Iranian regime will likely seek to collect intelligence on US foreign policy regarding the Joint Comprehensive Plan of Action (JCPoA) as well as to gauge the position of the US government’s support of Israel against Iran’s Axis of Resistance proxies throughout the Middle East. 

This will also likely expand to include the US finance sector in retaliation to President Trump, who has voiced his intention to enforce further sanctions against Iran, mirroring the ‘maximum pressure’ policy that was applied during the previous Republican Party administration.

Cyber Threat Actors To Capitalise On Uncertainties Within NATO?

Based on statements leading up to the 2024 US presidential election, the Republican Party Presidency raises concerns about the future of US support for NATO and Ukraine. While it is unlikely that the US will abandon NATO under the administration, there is a realistic possibility that Europe could see the US shift focus domestically, leaving the continent to face off against Russia in a weakened condition both militarily and in cyberspace.

Russian cyber espionage will likely surge against US government networks throughout the early months of 2025 with Russian threat actors likely to gather intelligence on the Trump Administration’s intentions of ending the war in Ukraine.  

Canada

US-China Tensions To Impact Canadian Companies?

The Canadian Centre for Cyber Security (CCCS) recently disclosed that Chinese nation-state-sponsored threat actors have compromised at least 20 Canadian government networks over the past four years, with the objectives of espionage, IP theft, influence operations, as well as the repression of diaspora communities.  

Due to the ongoing diplomatic strains between Canada and China, these cyber threat activities will continue to pose a threat to high-profile organisations and citizens alike. An example of the latter would be Chinese state actors likely to perform surveillance on advocates for Taiwanese and Hong Kong independence as well as Tibetan pro-democracy activists that are present within the Canadian borders.

However, due to the integration of critical infrastructure throughout North America, China’s increasingly disruptive cyber posture in response to rising tensions with the US will likely impact Canada’s networks.

Further, Canada’s innovative research infrastructure, as well as economic tensions increasing based on bilateral trade, will also likely present motivation for Chinese espionage actors to target the country’s network infrastructure to bolster Beijing’s strategic objectives. 

To Be Continued:


Craig Watt is a Threat Intelligence Consultant at Quorum Cyber specializing in strategic and geopolitical intelligence.
