Advertisment

Get ready for bigger, bolder, AI-driven cyber-attacks in 2025

AI adoption and threat actors’ increasing sophistication in improving cyber-attacks will be countered by the expansion of cybersecurity frameworks and efforts to enhance collective resilience.

author-image
Voice&Data Bureau
New Update
Cybersecurity

Fortinet, the global provider in cybersecurity driving the convergence of networking and security, has released its 2025 Cyberthreat Predictions Report. The report offers critical insights into the evolving cyber-attack landscape, highlighting a shift towards more sophisticated and destructive strategies. While attackers continue to use long-established methods, there is a notable increase in more ambitious tactics. Cybercrime-as-a-Service (CaaS) groups are expected to become more specialised, with adversaries adopting playbooks that combine both digital and physical threats to execute highly targeted and impactful attacks.

Advertisment

Developed by FortiGuard Labs, the report analyses the evolution of traditional attack methods, emerging trends shaping the future of cybercrime, and provides actionable recommendations for organisations to enhance their resilience. It offers a forward-looking perspective on the challenges posed by a rapidly changing threat landscape, equipping businesses with the insights needed to proactively defend against advanced cyber threats.

Emerging Threat Trends to Watch for in 2025 and Beyond

As cybercrime continues to evolve, several unique trends are expected to emerge in 2025 and beyond. Here’s a glimpse of what to expect:

Advertisment
  • More Attack Chain Expertise Emerges
    In recent years, cybercriminals have increasingly focused on the reconnaissance and weaponisation stages of the cyber kill chain. This approach allows attackers to execute more targeted and precise attacks. While many CaaS providers have traditionally offered a broad range of services, we anticipate that they will increasingly specialise, with many groups focusing on specific segments of the attack chain.

  • Cloud Security Under Threat
    While edge devices will continue to be a focus for cybercriminals, organisations must also pay close attention to their cloud environments. Although the cloud is not new, it has attracted growing interest from cybercriminals. With most organisations relying on multiple cloud providers, we expect to see an increase in cloud-specific vulnerabilities being exploited by attackers.

  • Automated Hacking Tools on the Dark Web
    The CaaS market has seen a rise in the availability of various attack vectors and associated tools, such as phishing kits, Ransomware-as-a-Service, and DDoS-as-a-Service. We expect this trend to grow as attackers use AI to power CaaS offerings. For example, large language models (LLMs) could be used to automate social media reconnaissance and package that intelligence into sophisticated phishing kits.

  • Playbooks to Incorporate Real-Life Threats
    Cybercriminals are increasingly advancing their playbooks, with attacks becoming more aggressive and destructive. We predict that attackers will merge cyberattacks with physical, real-world threats. Some cybercriminals have already threatened executives and employees physically, and we expect this to become more common. Additionally, we foresee that cybercrime groups will collaborate with transnational crime organisations—such as those involved in drug trafficking or smuggling—to create more sophisticated, hybrid attack strategies.

  • Expansion of Anti-Adversary Frameworks
    As adversaries evolve their tactics, the cybersecurity community must adapt accordingly. Global collaborations, public-private partnerships, and the development of frameworks to combat threats will be crucial for enhancing collective resilience. Initiatives such as the World Economic Forum Cybercrime Atlas, of which Fortinet is a founding member, are already underway, and we anticipate further collaborative efforts to disrupt cybercrime in the future.

Enhancing Collective Resilience Against an Evolving Threat Landscape

Cybercriminals will always find new ways to infiltrate organisations, but there are significant opportunities for the cybersecurity community to collaborate in order to better anticipate adversaries’ next moves and effectively interrupt their activities.

Advertisment

The value of industry-wide efforts and public-private partnerships cannot be overstated, and we expect the number of organisations participating in these collaborations to grow in the coming years. Additionally, it’s vital to remember that cybersecurity is everyone’s responsibility, not just that of security and IT teams. Enterprise-wide security awareness and training are essential components of risk management. Governments, vendors, and other entities also have a duty to promote and adhere to robust cybersecurity practices.

No single organisation or security team can combat cybercrime alone. By working together and sharing intelligence across the industry, we can better protect society at large.

Commenting on the same, Vishak Raman, VP of Sales, India, SAARC, SEA & ANZ at Fortinet said, “from the rise of Cybercrime-as-a-Service to the convergence of cyber and physical threats, these trends reflect how adversaries are pushing boundaries to execute more precise, large-scale attacks. While adversaries are leveraging AI to enhance their attacks, Fortinet leads the way in applying AI to strengthen defences, automate threat detection, and reduce operational burdens for security teams. Through our AI-powered cybersecurity platform, we empower customers to stay ahead of evolving threats, optimise their security strategies, and build resilience in an increasingly complex digital landscape.”

Advertisment