Arctiq Quarterly Risk Report (Q3)

Written by Tim Tipton | Oct 9, 2025 8:30:42 PM

Cyber risk has continued its trajectory of intensification. The pace of attacker innovation, especially around AI-enabled attacks, has outstripped many defenders’ ability to keep up. Meanwhile, geopolitical tensions, software supply chain exposure, identity/credential abuse, and increasingly bold ransomware/“disruption-first” adversaries have combined to create a forbidding landscape.

Over this past quarter, a few “signal” incidents crystallize these themes (such as the St. Paul municipal attack, Collins Aerospace / airport disruption, Oracle-targeting extortion campaigns, and large-scale SaaS / Salesforce compromises via ShinyHunters / Scattered Spider).

In what follows, I’ll walk us through the evolving trends, our risk taxonomy for this quarter, diving deeper into where we see structural weaknesses, then conclude with recommendations and metrics we should track for Q4.

Threat Landscape & Context

To set the stage, a few macro-observations and indicators:

According to the World Economic Forum Global Cybersecurity Outlook 2025, 72% of respondents say organizational cyber risk has increased over the past year, with 47% flagging adversarial advances via generative AI (GenAI) as a top concern. World Economic Forum
Ransomware remains a dominant driver of large claims: Allianz notes that in the first half of 2025, ransomware made up ~60% of the value of large cyber claims, with ~40% of those including data theft (versus “only encryption”); showing shift toward double/extortion models. Allianz Commercial
Trend Micro’s 2025 Cyber Risk Report emphasizes that we must shift from breach-prevention to proactive defense and resilience posture (i.e. assume compromise, build ability to detect and recover). Trend Micro
Deloitte calls out “exploitation of human behavior, ransomware evolution, emerging threat actors, and “old vulnerabilities resurrected” as key vectors. Deloitte
The CrowdStrike / CrowdCast 2025 trend discussions highlight metrics like “75% increase in attacks using stolen credentials / remote tools” and extremely fast breakout times for eCrime. CrowdStrike

So: the environment is not just “more attacks”; it’s faster, smarter, more hybrid, more damage-oriented, and more complex.

We must organize risk not by threat names, but by attack surfaces and failure modes. Below is how I map the top risk themes we saw in Q3.

Top Risk Themes (Q3 2025)

Here are the top risks (in ranked order, though all are material) for Q3:

Ransomware, Extortion & Disruption-First Attacks
Supply Chain & SaaS / Vendor Cascades
Identity / Credential Attack Paths (incl. pass-the-token, session hijack, account takeover)
AI-Augmented Social Engineering, Deepfake / Phishing
OT / Critical Infrastructure & Service Disruption
Visibility Gaps, Unknown Asset & Cloud Drift
Regulatory / Legal / Insurance / Liability Shock
Model-level / AI/ML Manipulation / Poisoning

Let me deep-dive each.

1. Ransomware, Extortion & Disruption-First Attacks

What we observed in Q3:

Ransomware attacks on businesses rose from ~1,195 in Q2 2025 to ~1,325 in Q3, an ~11% increase. The average ransom demanded: ~$3.02 million. Industrial Cyber
In the healthcare sector, though volumes declined (78 attacks in Q3 vs 91 in Q2), the amounts remain steep: average ransom ~$844,500. Industrial Cyber
In August, a wave of ransomware attacks specifically targeted organizations using SonicWall Gen 7 firewalls with SSL VPN enabled, initially suspected as zero-days but later tied to CVE-2024-40766 (password-handling migration bugs). That bypassed MFA in some cases.
The Collins Aerospace / vMUSE cyberattack in September disrupted airport check-in and baggage systems across Europe. Though not classical “encrypt-my-data” ransomware, it leveraged extortion/disruption of critical operational services.
Oracle confirmed that “dangerous extortion emails” were being sent to its customers, potentially exploiting vulnerabilities in Oracle E-Business Suite, with ransom demands up to ~$50 million.
The shift: attackers increasingly combine data theft + encryption + disruption + reputational threats (i.e. “if you don’t pay, we leak, subpoena, go public, destroy service”); or focus on causing havoc instead of simply profit.

Why this is so potent:

The capital damage impact is rising. It’s no longer just recovery and restoration costs, but downtime, brand loss, regulatory fines, erosion of customer trust.
Disruption attacks (especially in OT or service platforms) are harder to mitigate with standard backup strategies; they force business continuity planning into the center.
The “extractor’s leverage” is higher: dual extortion (data leak) and disruption make negotiation posture more difficult for defenders.
Insurance and captive underwriting are becoming stricter: as carriers see losses escalate, they demand more rigorous controls for coverage.

Key failure modes:

Inadequate network segmentation (flat networks, trust too wide)
Poor offline / immutable backup architecture
Weak incident response readiness and playbooks
Overreliance on perimeter controls and less on internal detection
Poor visibility into attacker dwell time

2. Supply Chain & SaaS / Vendor Cascades

Signals in Q3:

The ShinyHunters / Scattered Spider campaigns continue to wreak havoc. They targeted Salesforce environments (via social engineering / vishing) and extracted ~1.5 billion records across 760+ companies.
Qantas confirmed a breach affecting ~6 million customer records; the attack vector: a compromised third-party customer servicing platform used in their contact center. The Guardian
In many recent high-impact breaches, the initial breach is not in the target’s own perimeter, but via SaaS connectivity or vendor compromise. For example, attackers compromised OAuth tokens in Drift / Salesloft to pivot into Salesforce systems.
The “vendor trust boundary” is eroding: once a vendor or SaaS is trusted, lateral movement is easy, and often that trust is implicit, unmonitored, and unsegmented.

Why this is escalating:

Attackers get multiplicative scale: compromise one vendor, reach dozens of customers. That gives a massive return-on-effort.
Many customers treat vendor-supplied services as “black boxes” with limited visibility into their internal security controls.
Contractual and SLAs often lack strong security enforcement or audit rights, leaving gaps.
Third-party risk assessments remain superficial in many cases, lacking dynamic / continuous monitoring.

Failure modes & risk drivers:

Insufficient vendor security governance (lack of security clauses, audits, SLAs)
Over-scoped privileged vendor access (too broad or persistent privileges)
Blind trust (no continuous monitoring or segmentation)
Lack of telemetry, logs, or alerting across vendor links
No “zero trust” posture even for external dependencies

3. Identity / Credential Attack Paths

This is the backbone of many compromise chains, and Q3 reaffirmed how identity is often the weakest link.

Key observations:

CrowdStrike cites a 75% uplift in attacks using stolen credentials and remote tools. CrowdStrike
Attackers are leveraging pass-the-token, session hijacking, credential stuffing, weak MFA methods, phishing of privileged accounts, and more.
Session persistence, long-lived tokens, and stale credential revocation gaps remain exploited heavily.
In the ShinyHunters example, voice phishing (vishing) of employees to trick them into installing malicious data loader tools (which then exploited OAuth tokens) was central.
LLMs (large language models) are being used to craft highly convincing spear-phish campaigns at scale, customized to target identities, roles, relationships.

Why identity / credential paths remain compelling:

They bypass many perimeter controls; once you assume the identity, you look “legit.”
They scale: credential space is large, but many credentials are weak, reused, or poorly managed.
Many environments still do not adopt truly rigorous identity governance, least privilege, just-in-time elevation, or continuous verification.

Weakness patterns / failure modes:

Overprovisioned privileged access (excess admin accounts, standing access)
Long-lived tokens or sessions not rotated or revoked
Weak / absent MFA (or MFA bypass)
Inadequate identity lifecycle management (orphaned accounts, contractor accounts, stale credentials)
No behavioral / anomaly-based identity detection
Poor identity-privilege mapping (role creep, lateral privilege assumptions)

4. AI-Augmented Social Engineering, Deepfake / Phishing

This quarter, we saw further maturation of socially engineered attacks powered by AI.

Signals:

Organizations increasingly call out adversaries using AI-generated phishing emails, hyper-personalized messages, and deepfake impersonations. GSOD
The World Economic Forum data indicates that 47% of organizations cite GenAI-driven adversarial advances as a top concern. World Economic Forum
Research is emerging around model poisoning, adversarial AI use, or injecting misleading training data to subvert detection or classification models. arXiv
The duel: defenders also lean heavily on AI/ML for detection, triage, prioritization. The arms race is more direct now.

Why this is critical:

Humans remain the most vulnerable point; social engineering is low-cost, high-leverage.
AI accelerates the attack lifecycle: reconnaissance, content generation, adaptation, evasion.
Deepfake / voice cloning means that “trusted channel” assumptions (a call from your boss, or a voice message) can be faked.
As detection models proliferate, attackers will probe and evade them via subtle adversarial modifications.

Typical failure modes:

Insufficient training / awareness / phishing resilience, especially for high-risk roles (executives, finance, HR)
No defense-in-depth phishing controls (sandboxing, URL validation, anomaly scoring)
Lack of MFA fallback checks or thresholds for anomalous access
Insufficient “human + AI” oversight, e.g., over-reliance on AI detection without human review
No mechanism to detect model drift, poisoning, or tampering

5. OT / Critical Infrastructure & Service Disruption

Our risk horizon is expanding: attacks aren’t just targeting data, but direct interference with real-world systems.

Key incidents:

The St. Paul city cyberattack (late July) caused such disruption that Minnesota deployed the National Guard and the city declared a state of emergency. Systems affected included payment portals, internal networks, public Wi-Fi, and core city infrastructure.
The aforementioned Collins Aerospace / vMUSE attack hit check-in / baggage systems across multiple airports, showing how interdependent systems can cascade failures.
Honeywell’s trend commentary warns that OT attacks will increase, that attackers are no longer satisfied with just stealing or defacing but now want to shut down facilities. Honeywell
Attackers are optimizing for deniability, disruption, confusion rather than just ransom. Disabling backups, injecting logic bombs in ICS, manipulating sensor data, these are now in play.

Why this is rising:

OT/ICS systems are often legacy, poorly patched, and designed without cybersecurity in mind.
Traditional IT security tooling often doesn’t extend to OT environments, creating air gaps or blind spots.
The payoff is higher: harming physical infrastructure or business continuity is attractive to ransomware gangs, nation-state actors, or hacktivists.
Interconnectivity (IoT, remote support, vendor telemetry, industrial control networks) creates new paths of ingress.

Failure modes to watch:

Lack of segmentation between IT and OT, flat or bridged networks
Weak or absent OT monitoring, anomaly detection, sensor integrity checks
Remote support or vendor access with weak controls
Inadequate patching, outdated firmware, unmaintained legacy ICS
No recovery plan for OT-specific incidents (redundancy, fallback, manual override)

6. Visibility Gaps, Unknown Asset & Cloud Drift

I often say to teams: you can’t defend what you don’t see. This quarter, that truism showed up in full force.

What we saw:

Many breaches begin with shadow assets, under-instrumented workloads, unmonitored containers, forgotten accounts or drifted cloud stacks.
In vendor compromise cases (see supply chain section), the ability to detect pivot or lateral movement failed because defenders lacked telemetry or logging in those paths.
Deloitte and other reports emphasize that “old vulnerabilities, resurrected” succeed when visibility is missing and attackers can exploit latent issues silently. Deloitte
Honeywell calls out “asset visibility will improve” as a 2025 trend, meaning the gap today is still significant. Honeywell

Why this is dangerous:

Blind spots allow attacker dwell time to stretch, increasing damage.
Without detection, all you see is the aftermath.
Attackers can exploit drift (configuration drift, cloud sprawl, unmanaged workloads).
Asset management is the foundation of patching, segmentation, vulnerability management, and incident triage.

Typical failures:

Poor CMDB / asset registry completeness
No continuous cloud posture / drift detection
Lack of microsegmentation or east-west traffic monitoring
Failure-to-rotate or identify stale credentials, service accounts, API keys
Log gaps or telemetry black holes (e.g., missing VSAs, missing host EDR in some environments)

7. Regulatory / Legal / Insurance / Liability Shock

As threat exposure worsens, the non-technical risks are becoming equally terrifying.

Evolving pressures in Q3:

Regulators globally are mandating stricter reporting, breach disclosure, and executive-level liability (e.g. NIS2, state-level “duty to report,” evolving U.S. SEC/SARB rules).
Insurers are raising premiums, requiring more stringent controls, and reducing coverage for firms that don’t comply with baseline posture requirements.
Class action litigation and privacy fines (e.g. GDPR, data protection laws) mean that a breach isn’t just operational; it’s a financial and reputational one.
Failure in third-party risk (vendor breaches) often implicates contractual liability, indemnification, and reputational damage.

Why this is a “risk amplifier”:

Even if a firm is not directly breached, exposure via vendor or cloud provider may draw liability or regulatory scrutiny.
Insurance cover may fight tooth and nail over causation, control gaps, or late reporting.
Executives/boards are increasingly held to standard of “reasonable security”, failure to heed risk reports or invest in mitigations could be construed as negligence.

Key risk nodes:

Weak or missing contract / SLA clauses with vendors regarding security, breach notification, right-to-audit
Lack of breach disclosure readiness (incident response + legal coordination)
Gaps between actual security posture and what is implied or reported to regulators
Insurance / underwriting misalignment (e.g. firms believe they are covered when they are not)

8. Model-level / AI / ML Manipulation / Poisoning

This is among the more forward-leaning risk domains, but by this quarter, it’s no longer speculative.

What’s emerging:

Research is actively exploring model poisoning, adversarial attacks, backdoor insertion, data poisoning, and inference attacks on machine learning systems. arXiv
Large Language Models (LLMs) can be co-opted by attackers: red teams now feed prompts, generate exploit code, reconnaissance tools, or weaponize models for social engineering. arXiv
Because many enterprises are embedding AI/ML inference, recommendation, detection, or decision systems, compromising them can lead to cascading failures (e.g. compromised detection models, false negatives, poisoned alerts).
Identity / human-machine identity convergence (the “blur”) is creating new attack surfaces, where machine identities, bot identities, autonomous agents, and human identities intertwine and can be hijacked or spoofed. arXiv

Why this matters:

AI/ML systems are becoming part of the control and detection fabric; if compromised, they can turn adversarial.
Attackers may manipulate decision systems, skew anomaly detection, or feed false signal to defenders.
The barrier to entry is lowering: attackers do not necessarily need deep ML expertise if they can prompt LLMs or repurpose open-source tooling.

Failure modes to watch:

Lack of governance / access controls around model training pipelines, inference endpoints
Absence of integrity checks, model versioning, tamper detection
No adversarial testing or red teaming of ML systems
Over-trusting AI outputs without human oversight

Case Studies & Deep Dives

Let’s pull a few real-world examples from Q3 to ground this.

Case: St. Paul Municipal Attack

In July 2025, a coordinated cyberattack struck the City of St. Paul, Minnesota. Disruptions included internal networks, online payment portals, public Wi-Fi; core services were offline. The city declared a state of emergency, and the Minnesota National Guard was mobilized. Wikipedia
Key lessons:
1. Municipal / public sector bodies remain high-value targets due to legacy systems, limited budgets, and critical service expectations.
2. Response is often more costly than prevention: deploying governors, public communications, cross-jurisdictional coordination becomes a burden.
3. The attack illustrates that service disruption (not just data theft) can be the primary vector of adversary impact.

Case: Collins Aerospace / vMUSE Airport Disruption

The cyberattack impacted the vMUSE check-in / boarding platform (a Collins Aerospace product); it had cascading effects across European airports. Passengers were stranded; check-in systems failed. Wikipedia
This underscores:
- The risk of interdependent systems (airports rely on shared platforms and VPNs).
- That critical infrastructure / service providers are no longer immune.
- That attackers now aim for maximum visibility, reputational impact, and pressure to pay / negotiate.

Case: ShinyHunters / Scattered Spider / Salesforce SaaS Compromise

ShinyHunters (in conjunction with Scattered Spider) mounted campaigns targeting enterprise Salesforce clouds by social engineering, vishing, and injecting malicious data loader tools. They exfiltrated ~1.5 billion records across 760+ companies. Wikipedia
Attackers used OAuth/confidential token compromise in subsidiary SaaS services (Drift, Salesloft), then pivoted deeper into core systems. Wikipedia
In parallel, the Oracle extortion email campaigns suggest attackers are opening multiple fronts; exploit known software vulnerabilities, demand ransom, threaten leakage. Reuters

These real-world events map cleanly onto our risk taxonomy: supply chain attacks, identity compromise, SaaS trust, and high-stakes extortion.

Strategic Recommendations & Control Priorities

Based on these risk themes and observed failures, here is how I advise our clients to posture for Q4 and beyond. Prioritize with risk-return, but don’t defer foundational controls.

1. Assume Breach, Build Resilience

Adopt a “zero trust + assume compromise” mindset; expect lateral movement, prepare for attacker presence.
Strengthen incident response / IR playbooks, conduct regular tabletop and live simulation drills (with cross-functional stakeholders).
Architect immutable backups, offline air-gapped recovery paths, and run regular restore / recovery exercises.
Build redundancy / fault tolerance in critical systems, failover, geographic diversity, fallback modes.

2. Identity & Privilege Hardening

Move aggressively toward just-in-time (JIT) escalation / ephemeral privilege, and eliminate standing admin accounts wherever possible.
Rotate and expire tokens, sessions, and credentials frequently; limit session lifetimes and monitor anomalous token use.
Enforce strong MFA (e.g. hardware keys, FIDO2/WebAuthn, phishing-resistant) for all privileged users.
Deploy behavioral / anomaly detection on identity events (unusual logins, lateral moves, privilege escalations).
Harden identity lifecycle processes: deprovisioning, stale accounts, role reviews, contractor access.

3. Vendor & SaaS Risk Governance

Enforce strict vendor security criteria: contract clauses for audit rights, breach notification, minimum security posture, SLAs, and penalties.
Segregate and segment vendor access, applying the principle of least privilege and zero trust even for vendors.
Continuously monitor vendor SaaS connections, OAuth usage, API credentials, external trust relationships.
Perform periodic security assessments / audits of key SaaS providers and critical vendors.
Build “vendor kill-switch” capability: the ability to sever vendor trust quickly if compromise is suspected.

4. Visibility, Telemetry & Detection

Invest in full-lifecycle asset visibility: network, endpoint, cloud, containers, OT. (Unified CMDB, continuous discovery)
Adopt microsegmentation, zero trust network access (ZTNA), and East-West traffic monitoring.
Ensure coverage of logs / telemetry across all hosts, SaaS connectors, vendor links, and critical paths.
Integrate AI/ML-driven detection with human review; monitor model drift, false positives, and adversarial tactics.
Use threat hunting (proactive periodic hunts) rather than passively waiting for alerts.

5. Phishing / Social Engineering Defense-in-Depth

Run frequent targeted phishing campaigns and resilience training, especially on executives and high-risk roles.
Implement email / endpoint sandboxing, link / URL isolation, anomaly scoring, impersonation detection.
Deploy deepfake / voice-verification defenses where possible (e.g. voice‐signature systems, call-back verification).
Require multi-channel verification for sensitive requests (e.g. out-of-band confirmation).
Monitor for model-level poisoning or adversarial content injection if AI is used in detection pipelines.

6. OT / Critical Infrastructure Hardening

Segregate OT from IT via air gaps, firewalls, demilitarized zones (DMZs), one-way gateways where necessary.
Instrument OT systems with detection agents or anomaly systems designed for industrial protocols.
Train OT teams in cyber hygiene; vet and control remote vendor access.
Build manual fallback / manual operations procedures if automation fails.
Partner with OT cyber specialists for red-teaming, threat modeling, and OT-specific incident response.

7. AI / ML Safeguards & Governance

Implement model integrity controls: versioning, hash verification, tamper detection, retraining audit logs.
Be cautious about automated / fully autonomous decision agents without human oversight.
Periodically adversarial-test / red-team your ML/AI systems.
Limit access, permissions, and exposure of model training pipelines and data.
Monitor for signs of poisoning, performance skewing, anomalous inferences.

8. Governance, Compliance & Insurance Alignment

Ensure breach readiness: playbooks for legal coordination, regulators, forensic triage, disclosure.
Maintain tight, documented alignment between security posture and the expectations of insurers, auditors, regulators.
Review and update contracts / SLAs with vendors to include clear security obligations.
Establish metrics and dashboards for the board / C-level: mean dwell, time to detect, patch latency, identity anomalies, vendor risk exposure.
Monitor regulatory changes (e.g. NIS2, SEC, US state privacy laws) and adapt controls accordingly.

Metrics, Monitoring & KPIs for Q4

To know whether we’re improving (or slipping), we need a robust metrics set; not vanity metrics, but ones tied to risk posture. Here are critical KPIs I recommend:

Metric	Purpose / What It Measures
Dwell Time (attacker presence before detection)	Longer dwell = higher risk
Number of privilege misuse / anomaly identity events	Identity abuse baseline
Percentage of privileged accounts with JIT / ephemeral access	Progress on hardening identity
Patch / vulnerability remediation latency (for critical assets)	Speed of closing known gaps
Number of shadow / unknown assets discovered	Visibility drift measurement
Vendor SaaS risk exposure score / vendor audit compliance	Third-party risk health
Incident (or near-miss) counts by type (ransomware, supply chain, OT)	Trend tracking
Backup recovery success rate & recovery time	Resilience / continuity measure
False positive / false negative rates in detection engines	Quality of detection tuning
AI/ML drift or model integrity deviation	Health of model-based systems

Quarterly, we should set targets (e.g. reduce dwell time by X, audit top 5 vendors, migrate 50% of admin accounts to JIT) and publish dashboard status to boards or clients.

Outlook & Key Threats to Monitor into Q4 2025

As we head into Q4, here’s where I expect the adversary pressure to tilt:

Ransomware groups will increasingly blend disruption & extortion, especially in sectors where downtime is deeply painful (finance, health, energy).
Supply chain attacks will morph; attackers will weaponize SaaS trust further (API abuse, cloud workloads, identity chains).
AI will become even more baked into adversary toolkits: autonomous attack chains, real-time pivoting, adversarial model targeting.
Nation-state actors will exploit chaos: hybrid conflict vectors merging cyberespionage, supply chain compromise, infrastructure targeting.
Insurance markets will push for even stricter forced controls, possibly denying claims when key hygiene is missing.
Regulation and compliance will surge: expect more mandates, disclosures, even executive liability linked to security failures.
IoT, edge, and embedded (5G, smart infrastructure) will be leveraged for wide-scale attacks, especially in industrial sectors.

Given these trends, the capacity to pivot, adapt, monitor posture, and reduce misconfigurations will become as important as static defenses.

Conclusion

This has been a rough quarter. But for Arctiq and our clients, that’s precisely why a proactive, strategic posture is essential. Knowing where adversaries are shifting and being ready with architecture, controls, metrics, and response capability is the difference between deep exposure and resilience. To turn insight into action, connect with Arctiq to explore strategies that reinforce your defenses and reduce exposure.

View full post