Nation-State Hackers and AI-Powered Ransomware Target Industrial Sector

Explore the rise of AI-driven cyber threats and nation-state collaborations in Trellix's 2025 threat report, highlighting industrial sector impacts.

By Content Team

Oct 25, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals are rapidly adopting AI-powered tools while nation-state hackers increasingly collaborate with financially motivated groups, according to Trellix's latest threat report covering April-September 2025.

The industrial sector bore the brunt of attacks, accounting for 36.57% of all ransomware victims. Qilin emerged as the dominant ransomware group after RansomHub's collapse, responsible for 441 victim posts and showing a clear preference for industrial targets.

The report documented the first AI-powered infostealer, LameHug, attributed to Russian APT28 hackers. This malware uses large language models to generate dynamic attack commands, marking a significant shift from theoretical AI threats to operational weapons.

Geopolitical tensions drove cyber activity spikes, particularly during Taiwan Strait military exercises in April and Israel-Iran conflicts in June. PowerShell remains the top attack vector, used in 77.7% of ransomware campaigns.

Source: Industrial Cyber

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Kaiser Permanente Settles Privacy Breach for $46 Million - Here's How to Claim Your Share

Feb 4, 2026

Hundreds of Thousands Hit in Kensington and Chelsea Council Cyber Attack

Jan 15, 2026

Companies House Security Breach Exposes UK Business Data

Mar 31, 2026

TeamPCP Hackers Compromise Official Telnyx Python Package in Supply Chain Attack

Mar 28, 2026