New Jersey is facing an alarming increase in cybersecurity threats, particularly related to stolen login credentials, as highlighted in the latest 2025 Threat Assessment report issued by the New Jersey Office of Homeland Security and Preparedness. This report sheds light on the grim reality that public agencies and private sector organizations are grappling with in the state, where criminals, including those supported by countries like Russia and China, are finding new ways to steal data and disrupt critical infrastructure and operations.
The report paints a bleak picture for the remainder of the year, raising concerns about cybersecurity risks, as well as the threat posed by “homegrown violent extremists” and potential attacks on major events such as the 2025 FIFA Club World Cup and other U.S.-based gatherings. It provides valuable insights and updates to help stakeholders better understand and combat these ongoing threats.
One of the primary concerns highlighted in the report is the use of “stealer malware,” a tool designed to extract login credentials, session tokens, and other sensitive authentication data directly from infected endpoints. This type of attack can bypass traditional endpoint detection systems, making it a significant challenge for state cybersecurity officials. To mitigate this risk, these officials are actively monitoring the dark web and other platforms to identify compromised email addresses and passwords.
According to the report, New Jersey cybersecurity officials reported over 28,000 compromised credentials notifications in the public sector last year, with a majority originating from the education sector. This staggering number underscores the pervasive nature of the threat facing public agencies, private companies, and residents in the state. The report also highlights the availability of more than 15 billion compromised credentials on the internet, emphasizing the widespread risks posed by cybercriminal activities.
The report cites a ransomware attack that struck the city of Hoboken in late 2024 as a sobering example of the challenges that New Jersey, as well as other states, counties, and cities, are likely to confront in the future. The attack, attributed to an organized cybercrime group, resulted in the temporary closure of City Hall and the suspension of online services, causing disruptions to court proceedings and essential municipal operations.
Furthermore, the report emphasizes that ransomware attacks are not limited to specific sectors, with government, healthcare, water, and other critical infrastructure entities being prime targets for cybercriminals due to the urgency of service restoration. Last year, more than 100 public and private organizations in New Jersey fell victim to ransomware attacks, with the average ransom demand escalating to $1.9 million, underscoring the substantial financial impact of these incidents.
Despite the rising ransom demands, the report highlights a positive trend where fewer victims are opting to pay the ransom and instead choosing to restore systems and services from backups. This shift reflects a growing awareness among organizations about the importance of proactive cybersecurity measures and the need to build resilience against evolving threats.
In conclusion, the 2025 Threat Assessment report serves as a critical tool for policymakers, cybersecurity professionals, and the general public in understanding the complex landscape of cyber threats facing New Jersey. By staying vigilant, implementing robust security measures, and fostering collaboration among stakeholders, the state can enhance its readiness to combat cybercrime and protect its critical infrastructure from malicious actors.