IE has so many predictions for 2025 that there will be a series of features throughout the month. Start with this one, which brings together some information on cyber risks, data and much more. Here we go.
Founder and CEO Karl Holmqvist offers these comments on the top risks and trends of 2025:
- The intensification of “steal now, decrypt later” threats will drive widespread integration of post-quantum encryption: In 2025, the growing threat of “Steal-Now, Decrypt-Later” attacks will force organizations to accelerate the adoption of post-quantum cryptography (PQC). With advances in quantum computing making traditional encryption methods increasingly vulnerable, adversaries are actively storing encrypted data today to decrypt it with future quantum capabilities. The recent FIPS-203 standardization in August 2024 allows organizations to legally deploy proven PQC algorithms like ML-KEM, pushing CISOs to establish comprehensive crypto asset registries and proactively review encryption strategies. Without immediate action to secure their high-value assets, organizations face a growing risk of quantum breaches, threatening not only data, but also national security and global stability.
- Escalation of cyberattacks against critical infrastructure: In 2025, cyberattacks on critical infrastructure will intensify, targeting sectors such as energy networks, water systems and communications networks. Driven by a range of factors, including geopolitical tensions, these attacks will disrupt essential services and erode public trust. Governments and the private sector will be forced to strengthen their detection systems, improve threat intelligence sharing, and take proactive steps to defend against increasingly sophisticated and coordinated threats, including those emanating from nation states.
- The “Wild West” consequences of AI deployment: The massive and uncontrolled deployment of AI tools, which are often deployed without solid security foundations, will lead to serious consequences in 2025. Without adequate privacy measures and security frameworks, these systems will become prime targets for breaches and manipulations. This “Wild West” approach to AI deployment will leave data and decision-making systems dangerously exposed, pushing organizations to urgently prioritize foundational security controls, transparent AI frameworks, and continued monitoring to mitigate these growing risks.
Darren Williams, founder and CEO, offers some thoughts on ransomware, deepfakes and infrastructure: can we make them more resilient?
- Lesser-known ransomware gangs like Hunters International will grow at an accelerated pace. As malicious actors’ use of AI continues to proliferate, their attack rate will allow them to work more efficiently and successfully than ever before. There is no honor among thieves, and the tendency of individual cybercriminals to “jump from one ransomware group to another” will further complicate attribution and containment efforts. Attackers will follow the money and prioritize financial gain over any group allegiance.
- Deepfake scams will be an important frontier for digital fraud until 2025. As bad actors evolve their tactics to achieve maximum impact, they will continue to use advanced AI-powered tools to deploy highly personalized phishing attacks. AI is also paving the way for a new generation of highly compelling deepfake technologies that will introduce unprecedented risks to personal and corporate brands. Organized crime groups seek to cash in on their profits by creating increasingly convincing videos impersonating leaders and public figures, such as Jeff Bezos and Elon Musk.
- The collateral damage from ransomware attacks against healthcare providers will extend beyond personal records. High-profile attacks on healthcare providers in 2024, from Change Healthcare in the US to pathology service provider Synnovis in the UK, were notable not only for the significant loss of data, but also for their impact on services and, ultimately, on the well-being of patients.
Ongoing problems with existing resources and infrastructure, as well as the wealth of valuable data in the healthcare sector, mean that the sector is seen as a “weak link” by cyberattackers and will likely continue to bear the brunt of serious cyberattacks. As criminal gangs exploit patients’ privacy, security and health to demand ransoms, it is essential that industry providers protect their most vulnerable points to protect patients and staff.
Ariel Parnes, co-founder and COO at Mitiga, sees a convergence of threats next year:
The deadly combination of AI-driven attacks and SaaS vulnerabilities will redefine the threat landscape. In 2025, two critical trends will converge to create a perfect storm and reshape the threat landscape: the increasing availability of generative AI to cybercriminals and the rapid adoption of SaaS applications.
Generative AI, with its ability to create sophisticated, contextual content, will enable malicious actors to automatically scan SaaS environments, find vulnerabilities, and launch precise and rapid attacks. The barriers to creating adaptive phishing campaigns or exploiting SaaS misconfigurations will disappear, allowing even the least skilled hackers to carry out highly targeted attacks. AI will also help attackers evade detection by continually changing their techniques.
Meanwhile, organizations are adopting more SaaS applications, creating sprawling, interconnected environments and introducing new security challenges. Many organizations lack visibility into their SaaS ecosystems, making it difficult to monitor user behavior, detect threats, and consistently enforce security policies across applications. Traditional security tools are ill-equipped to protect the decentralized and dynamic nature of SaaS platforms. As business functions migrate to the cloud, this gap in SaaS visibility and detection will remain a significant weakness for cybercriminals to exploit.
Without real-time monitoring and detection, organizations will be at a disadvantage. To counter these threats, businesses must close the SaaS visibility gap by investing in advanced security tools specifically designed for cloud environments. These tools should leverage AI to keep up with evolving threats, focusing on real-time detection, anomaly identification, and continuous monitoring of all SaaS applications.