However, the reality is quite different. In 2025, many cyberattacks still rely on well-established strategies that, despite their “age,” remain surprisingly effective.
The latest data from Barracuda’s SOC Threat Radar – 2025 report confirms this trend, highlighting alarming growth rates for attacks based on well-known techniques:
- +400% increase in the use of malicious macros in Microsoft documents, leveraged to distribute malware and create backdoors.
- +40% increase in spear phishing attacks, which are increasingly targeting executives and finance departments with greater precision.
- +171% increase in attempts to suspiciously delete Windows logs, a classic method for concealing malicious activity.
These numbers raise a crucial question: why do “old” methods still work today, and more importantly, how can businesses effectively protect themselves?
The timeless tactics of hackers
Despite advancements in cybersecurity, many of today’s most commonly used attack techniques are modern variations of strategies that have been seen in the past.
- Spear phishing: the human factor as a key vulnerability
It remains one of the most effective attack techniques due to its ability to deceive users by leveraging personalized information. In 2025, detected spear phishing attacks have been predominantly finance-themed, targeting employees in accounting, administration, and IT departments. Attackers use publicly available data (e.g., information from LinkedIn) to make emails increasingly convincing, enhancing the effectiveness of their attacks.
- Malicious macros: a threat that keeps evolving
Microsoft Office macros are useful tools for automating processes, but when exploited by malicious actors, they become vectors for malware downloads. In January 2025, Barracuda recorded a 400% increase in the use of malicious macros compared to the previous two months. This indicates that, despite efforts to restrict their use, attackers continue to find ways to trick victims into enabling them.
- Log wiping: erasing traces to cover intrusions
A less obvious but equally effective technique is system log wiping, which prevents the detection of attacks. The 171% increase in suspicious deletion of Windows logs in 2025 indicates that cybercriminals are refining their ability to evade monitoring systems, allowing them to remain undetected within compromised networks for longer periods.
Why do old attacks still work today?
If these techniques have been known for years, why do they still succeed?
- The human factor remains the weakest link in security, as many employees do not receive adequate training to recognize phishing emails or suspicious attachments.
- Obsolete infrastructure and unresolved vulnerabilities. Old active accounts, unprotected VPNs, and unpatched software create open doors for cybercriminals.
- Attacks enhanced by automation. The adoption of as-a-Service models in the cybercrime world is making these attacks even more accessible.
- Ransomware-as-a-Service (RaaS) has quadrupled attack attempts in 2024.
- Phishing-as-a-Service (PhaaS) provides sophisticated toolkits even to criminals without advanced skills.
How to defend against hackers’ evergreen tactics?
Companies can reduce risks by adopting targeted security strategies:
- Block macros in Microsoft documents whenever possible.
- Regularly train employees to recognize phishing and social engineering attacks.
- Enforce strict controls on IT accounts, removing unused ones.
- Continuously monitor system logs to detect suspicious deletions.
- Implement advanced security solutions, including XDR, MFA, and email protection.
Cybercriminals don’t need to invent new threats when well-established techniques continue to be highly effective. Businesses must recognize that not only the most sophisticated threats are dangerous—older tactics still remain one of the leading causes of system breaches today.
Taking a proactive approach to cybersecurity means strengthening every layer of corporate protection, addressing both emerging and timeless threats. Discover how to safeguard your business with advanced security solutions. Contact us for an assessment.
