Barracuda Networks has shared its cybersecurity forecast for 2025, signaling significant changes as cyber threats are expected to become more automated and more evasive.
According to Barracuda, an increase in attacks against critical infrastructure and cloud services is expected, requiring stronger resilience measures. Cybercriminals will likely exploit vulnerabilities in outdated systems and supply chains, highlighting the need for more adaptive security frameworks. This reflects the growing need for organizations to strengthen their defenses against increasingly sophisticated and targeted cyber threats.
Mark Lukie, Director of Solutions Architects for APAC, shared his observations on the evolving cyber threat landscape.
“The rapid integration of generative AI by cybercriminals has made social engineering attacks more convincing and phishing campaigns more widespread. We have also seen an increase in email attacks using newer techniques such as QR codes,” Lukie said.
Highlighting another worrying trend, Matt Caffrey, senior solutions architect for ANZ, said: “The continued success of ransomware attacks, despite increased awareness and defenses, has been a major surprise in 2024. The topic has been brought to the forefront mainstream media. The attackers have evolved. their tactics, focusing on double extortion by threatening to release sensitive data, as we saw with major ANZ companies. Even with improved defenses, the persistence of this threat shows that organizations still struggle to balance prevention, detection and recovery.
As 2025 approaches, concerns are growing among customers and partners about fragmented visibility across different threat vectors.
Lukie explained: “Many are concerned about fragmented visibility across various threat vectors, making it difficult to detect and respond to complex attacks. As threats span email, network and endpoint layers, customers view XDR (extended detection and response) as essential to unifying security insights. and improving detection accuracy. With XDR, they aim to achieve centralized real-time visibility and rapid response across various attack surfaces, helping to respond more effectively to evolving threats.
Caffrey also highlighted the major concern around protecting sensitive data as reliance on cloud-based services increases.
“The biggest concern remains protecting sensitive data, especially as businesses increasingly rely on cloud-based services. These concerns center around ransomware events. Customers are concerned about how to effectively manage their security posture across different environments while ensuring compliance with more stringent data. privacy,” Caffrey commented.
Looking ahead to 2025, Lukie predicts continued progress in cyber threats: “Cyber threats will become more automated and more evasive, leveraging AI to bypass traditional defenses. Attacks on critical infrastructure and cloud services will likely increase, requiring more robust resilience measures. »
Additionally, Caffrey expects targeted attacks to pose significant risks. He said: “In 2025, we can expect an increase in targeted attacks against critical infrastructure and small and medium-sized businesses, which often lack the robust security resources of larger organizations. Cybercriminals will likely continue to exploit vulnerabilities in outdated systems and supply chains. it is therefore crucial for businesses to invest in stronger and more adaptive security frameworks.