# 2025 Unit 42 Incident Response Report: Attacks Shift to Disruption

By [Sam Rubin](https://www.paloaltonetworks.com/blog/author/sam-rubin/?lang=zh-hant&ts=markdown "Posts by Sam Rubin")

Apr 05, 2025

## Business disruption, AI-assisted attacks, insider threats and accelerated multi-pronged intrusions together define the new cyberthreat landscape

Palo Alto Networks Unit 42 today released its [2025 Global Incident Response Report](https://start.paloaltonetworks.com/unit-42-incident-response-report.html), which reveals that 86% of major cyber incidents in 2024 resulted in operational downtime, reputational damage or financial loss. The report, based on 500 major cyber incidents that Unit 42 responded to across 38 countries and every major industry, reveals a new trend: financially motivated attackers have shifted their focus to deliberate operational disruption, prioritizing sabotage (destroying systems, locking customers out and causing prolonged downtime) to maximize their impact and pressure organizations into paying extortion demands.

With the emergence of AI-assisted threats and multi-channel intrusion techniques, the speed, sophistication and scale of attacks have reached unprecedented levels, underscoring that the threat landscape organizations faced in 2024 was more volatile than ever.

### Key findings: cyberthreats are faster and more destructive

As attackers keep rewriting the rules of engagement, defenders struggle to keep pace. The attackers' new playbook is multi-pronged, cloud-centric and AI-driven. The 2025 Global Incident Response Report highlights several trends:

* **Cyberattacks are faster than ever:** In 25% of incidents, attackers exfiltrated data within 5 hours, three times faster than in 2021. More alarming still, in one in five incidents data theft was completed in just 1 hour.
* **The rise of [insider threats](https://paloaltonetworks.com/resources/datasheets/unit42-insider-threat-services):** In 2024, [insider-driven cyber incidents linked to North Korea](https://unit42.paloaltonetworks.com/north-korean-it-workers/) tripled. North Korean state-sponsored actors have been observed posing as IT professionals to infiltrate organizations, obtain employment and then systematically plant backdoors, steal data and even tamper with source code.
* **Multi-pronged attacks are the new normal:** In 70% of incidents, attackers exploited three or more attack surfaces, forcing security teams to defend endpoints, networks, cloud environments and human factors simultaneously.
* **Phishing makes a comeback:** Last year, vulnerabilities were attackers' leading initial access vector; this year [phishing resurged](https://unit42.paloaltonetworks.com/european-phishing-campaign/) to become the most common entry point for cyberattacks, accounting for 23% of all initial access. Fueled by generative AI, phishing attacks are more sophisticated, more convincing and easier to scale than ever.
* **Cloud attacks keep increasing:** Nearly 29% of [cyber incidents involved cloud environments](https://unit42.paloaltonetworks.com/large-scale-cloud-extortion-operation/), with 21% resulting in damage to cloud environments or assets, as attackers embed themselves in misconfigured environments to scan vast networks for high-value data.
* **AI is accelerating the attack lifecycle:** Attackers use AI-driven methods to launch [more convincing phishing campaigns](https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/), [automate malware development](https://unit42.paloaltonetworks.com/using-llms-obfuscate-malicious-javascript/) and [speed progression through the attack chain](https://www.paloaltonetworks.com/blog/2023/11/palo-alto-networks-advises-u-s-government-on-ai-and-cybersecurity/), making cyberattacks harder to detect and faster to execute. In a controlled experiment, Unit 42 researchers found that an AI-assisted attack could cut time to exfiltration to just 25 minutes.

### Why cyberattacks succeed: attackers exploit complexity, visibility gaps and excessive trust

The report highlights three main factors that enable adversaries to succeed:

* **Complexity is killing security effectiveness:** In 75% of incidents, evidence was already present in logs, but [silos prevented detection](https://www.paloaltonetworks.com/cortex/cortex-xsiam).
* **Visibility gaps let attacks go undetected:** 40% of cloud security incidents stemmed from [unmonitored cloud assets](https://www.paloaltonetworks.com/cortex/cloud) and shadow IT, making lateral movement easier for attackers.
* **Excessive trust makes attacks more damaging:** 41% of attacks [exploited excessive privileges](https://www.paloaltonetworks.com/sase/ztna) to achieve lateral movement and privilege escalation.

Attackers are rewriting their playbook, using AI, automation and multi-pronged attack strategies to bypass traditional defenses. The time from initial compromise to full impact is shrinking, making rapid detection, response and remediation essential.

Staying ahead in 2025 depends on proactively securing networks, applications and cloud environments, and on strengthening security operations with AI-driven detection and response to achieve full visibility and faster threat mitigation.

Defenders need to adapt as the attackers' playbook evolves. For the latest information, see the **2025 Unit 42 Global Incident Response Report**.