MegaFon's Security Operations Center (SOC) analyzed threats recorded in 2025. According to the study, 48.3% of incidents are related to manipulation of company infrastructure, where attackers try to alter its operation. This can lead to IT system compromise.
Meanwhile, 51.5% of incidents are of low criticality, 39% are medium, and 9.5% are high. 28.7% of attacks are aimed at gaining access to confidential data and control systems. Network reconnaissance accounts for 18.9% of incidents. Hackers actively scan infrastructure, using tools to find vulnerabilities.
Viral threats, despite a small percentage (4.1%), remain a serious problem. Attackers are improving methods of infecting and spreading malware. Two types are distinguished: infostealers, disguised as legitimate applications, and ransomware, encrypting files and demanding a ransom.