BY Richard Summerfield
An increasing number of attacks on critical infrastructure, a surge in phishing and record-breaking vulnerability disclosures are among the challenges facing companies operating today, according to a new report from critical infrastructure cyber security firm OPSWAT.
The report, OPSWAT’s inaugural Threat Landscape Report, reveals key findings from over 890,000 sandbox scans conducted over the past 12 months.
Among the key highlights within the report is the global cost of cyber crime, which is projected to reach $1.2 trillion in 2025, with downtime and lost productivity representing up to $1 trillion of that total. The report also highlighted a 127 percent rise in malware complexity and warns that traditional detection methods are falling behind, with one in 14 files initially deemed ‘safe’ by legacy systems later confirmed to be malicious. According to OPSWAT, the results underscore the need for multilayered defences and a shift away from outdated tools.
Attacks on operational technology (OT) and critical infrastructure have continued their upward trajectory in 2025. Sectors such as manufacturing, energy and utilities remain at the forefront of threat actor targeting, with financial and espionage motivations both in play. Ransomware remains one of the most prominent threats, featuring in 44 percent of all breaches across sectors and accounting for 75 percent of breaches within the system intrusion pattern. Vulnerability exploitation has also risen sharply as an initial access vector, with attackers particularly focusing on edge devices, firewalls and VPN services.
The report also made note of the surge in malware sophistication which is being driven by multi-stage execution chains and heavy obfuscation, with 7.3 percent of files missed by public OSINT feeds flagged as malicious by Filescan.io, on average 24 hours earlier. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems.
According to the report, malicious actors are increasingly favouring stealth over scale, concealing payloads in formats such as .NET bitmaps and steganographic images and repurposing Google services for covert command-and-control activity. Social engineering tactics are also evolving, with methods such as ‘ClickFix’ – a clipboard hijacking technique – becoming more widespread, with such attacks enjoying a bump in popularity among both criminal and nation-state actors.
Heightened regulatory scrutiny is also having an impact as it intensifies, particularly in the EU through the Network and Information Systems Security Directive 2, or NIS2, and the Cyber Resilience Act, and in North America, which is driving mandatory reporting and resilience requirements for critical infrastructure. As a result, the cyber security market itself is projected to grow at a 12.6 percent compound annual growth rate, reaching $301.9bn in 2025.
According to OPSWAT: “As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions. Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon.”