KUALA LUMPUR, Aug 12 — In a troubling snapshot of the current cybersecurity landscape, Picus Security revealed a sharp decline in global cybersecurity defensive effectiveness despite an alarming rise in the volume and sophistication of cyberattacks.
Its Blue Report 2025 draws on over 160 million real-world attack simulations conducted in live production environments.
The United States-based security validation company found that 46 per cent of tested environments had at least one password hash cracked. Even more concerning, attacks using valid credentials succeeded 98 per cent of the time, allowing adversaries to bypass controls with ease and remain virtually undetected.
These trends show how quickly compromised credentials can lead to large-scale data theft.
“We must operate under the assumption that adversaries already have access,” said Picus Security co-founder and Picus Labs vice president Süleyman Ozarslan in a statement.
He urged organisations to adopt an ‘assume breach’ mindset, improve identity control validation, and strengthen behavioural detection.
Among the most staggering findings is that only three per cent of data exfiltration attempts were stopped, down from nine per cent in 2024. This comes amid a surge in infostealer malware and double-extortion ransomware, where attackers encrypt and steal data simultaneously to maximise leverage.
Ransomware remains a key threat, with BlackByte registering a prevention effectiveness rate of 26 per cent, followed by BabLock at 34 per cent and Maori at 41 per cent.
Detection capabilities also suffered, with discovery techniques like System Network Configuration Discovery and Process Discovery blocked in fewer than 12 per cent of simulations.
Overall prevention effectiveness dropped to 62 per cent in 2025 from 69 per cent last year. Although logging coverage stayed at 54 per cent, only 14 per cent of attacks generated alerts, indicating that most malicious activities went undetected.
The report, compiled from simulations conducted between January and June this year, includes industry-specific findings and recommendations to strengthen security controls and improve threat readiness.
