Google Cloud has revealed its cybersecurity forecast for 2025, offering a detailed analysis of the emerging threat landscape and key security trends that organizations around the world should prepare for. The report provides insight into cyber adversaries’ tactics and offers tips for strengthening security in the coming year.
The year of AI-powered cyberattacks
The report highlights a shift in the cybersecurity landscape: the rise of artificial intelligence (AI) as a double-edged sword. While AI offers new tools for defenders, it also gives malicious actors advanced capabilities.
2025 will likely be the year that AI moves from pilot programs and prototypes to full-scale adoption, ushering in a new era of semi-autonomous security operations. This AI integration will automate tasks, analyze large data sets, and streamline workflows, allowing security teams to work more efficiently.
However, the report also warns of an increase in AI-powered cyberattacks. Attackers are expected to exploit AI, including large language models (LLMs) and deepfakes, to enhance social engineering attacks, conduct vulnerability research, and develop more sophisticated malware.
“2025 is the first year we will truly see the second phase of AI in action with security,” said Sunil Potti, Vice President/General Manager, Google Cloud Security.
“2025 will be the year AI moves from pilots and prototypes to full-scale adoption,” Phil Venables, Vice President, TI Security & CISO, Google Cloud, added.
Geopolitical conflicts fuel complex cyberattacks
Geopolitical tensions continue to spill over into cyberspace, leading to increased complexity in the threat landscape. The report predicts continued cyber activity from the “big four” nation-states – Russia, China, Iran and North Korea – as they pursue their geopolitical goals.
China’s aggressive approach and high risk tolerance will likely result in the continuation of stealth tactics, including the use of zero-day vulnerabilities and custom malware designed for embedded systems. Russian cyber espionage is expected to target governments, politicians and critical infrastructure primarily in Europe and NATO countries. Iran will continue its cyber activities related to the Israel-Hamas conflict while also focusing on government and telecommunications organizations in the Middle East and North Africa. North Korea, driven by economic need, will target cryptocurrency exchanges in the JAPAC region, using tactics such as impersonating remote IT employees.
Sandra Joyce, Vice President of Google Threat Intelligence at Google Cloud, said: “Geopolitical conflicts will continue to drive cyber activity around the world, creating more complexity.”
Ransomware persists, information thieves multiply
Cybercrime remains a significant threat, with ransomware and extortion becoming major disruptors in 2025. The report highlights the expansion of these threats beyond the United States, fueled by the emergence of new ransomware-as-a-service offerings and an increase in data leak sites.
The report also sounds the alarm about the growing threat of information-stealing malware. These sophisticated programs are designed to steal sensitive information such as login credentials, posing a particular risk to organizations that lack robust multi-factor authentication.
To add to the complexity, cybercriminals, particularly in Southeast Asia, are becoming increasingly innovative. They are rapidly adopting advanced technologies, including AI, malware-as-a-service models and sophisticated money laundering techniques, posing a growing challenge to law enforcement and security professionals.
“Undoubtedly, multifaceted extortion and ransomware will continue in 2025, with likely an increase outside the United States,” said Charles Carmakal, CTO Mandiant, Google Cloud.
Preparing for a secure future: cloud security, identity and quantum computing
The Google Cloud Cybersecurity Forecast 2025 report offers organizations a call to action to strengthen their defenses and proactively respond to emerging threats.
Key recommendations:
- Prioritize cloud security: Organizations should adopt cloud-native security solutions, such as cloud-based SIEM and SOAR platforms, to improve visibility, threat detection, and incident response capabilities.
- Strengthen identity and access management: Implement strong multi-factor authentication, continuous identity risk assessments, and robust access controls to mitigate the risks associated with compromised identities, especially in hybrid environments.
- Prepare for Post-Quantum Crypto: Organizations must begin to assess the risks posed by quantum computing and plan the adoption of quantum-resistant cryptographic solutions to protect sensitive data over the long term.
- Stay informed and adapt: Continuously monitor the threat landscape, leverage threat intelligence, and adapt security strategies to counter emerging risks and tactics.
The Google Cloud Cybersecurity Forecast 2025 report provides security professionals and leaders with the knowledge and insights needed to navigate the complex cybersecurity landscape and proactively respond to emerging threats. By taking a proactive, comprehensive approach to security, organizations can mitigate risks, improve resilience, and protect valuable assets in the year ahead.