Nokia’s eleventh annual Threat Intelligent Report features, as usual, assessments that likely scare computer security experts and their corporate bosses.
Specifically, the company found that 63% of respondents experienced at least one “living off the land” (LOTL) attacks during the past year. Thirty-two percent saw more than three. (CrowdStrike defines LOTL attacks as being “fileless — meaning they do not require an attacker to install any code or scripts within the target system. Instead, the attacker uses tools that are already present in the environment.”)
The Nokia Threat Report said that low-profile infections of systems during the past year have caused “major data exposure,” which has forced costly remediation.
Other highlights from the Nokia Threat Report:
- Distributed denial of service (DDoS) attacks peaking in the 5 to 10 Tbps range are the “new normal.” This is faster than most alert systems’ ability to sound alarms.
- Seventy-eight percent of DDoS attacks now end within five minutes (compared to 44% last year). Thirty-seven percent end in under two minutes. This highlights the need for rapid detection and mitigation.
- More than 100 million residential endpoints (4% of the global total) are now available for exploits and malicious uses of bandwidth.
The report said that the timespan in which digital certificates are valid is shrinking “dramatically” and that the industry is taking its time preparing for quantum computing’s network security impact.
“Connectivity powers everything from public safety and financial transactions to digital identity. Recent attacks have reached lawful interception systems, leaked sensitive subscriber data and disrupted emergency services,” Kal De, Nokia’s Senior Vice President, Product and Engineering, Cloud and Network Services, said in a press release about the Nokia Threat Report.
“The industry must fight back through shared threat intelligence, AI-driven detection and response, and crypto-agility, turning interconnected networks from a vulnerability into a source of resilience.”
Earlier this week, the 2025 Comcast Business Threat Report said that there were about 35 billion cybersecurity events this year.
