IE has so many predictions for 2025 that there will be a series of features throughout the month. We kick off with this one, which rounds up some insights on cyber risks, data and more. Here we go.

Founder and CEO Karl Holmqvist offers these comments on 2025’s key risks and trends:

- Escalating “Steal-Now, Decrypt-Later” Threats Will Drive Broad Integration of Post-Quantum Encryption: In 2025, the intensifying threat of “Steal-Now, Decrypt-Later” attacks will force organizations to accelerate the adoption of post-quantum cryptography (PQC). With quantum computing advancements making traditional encryption methods increasingly vulnerable, adversaries are actively stockpiling encrypted data today to decrypt it with future quantum capabilities. The recent standardization of FIPS-203 in August 2024 enables organizations to legally deploy proven PQC algorithms like ML-KEM, pushing CISOs to establish comprehensive cryptographic asset registers and proactively overhaul encryption strategies. Without immediate action to secure high-value assets, organizations face a growing risk of quantum-enabled breaches, threatening not just data but national security and global stability.
- Escalation of Cyberattacks on Critical Infrastructure: In 2025, cyberattacks on critical infrastructure will intensify, targeting sectors such as energy grids, water supply systems, and communication networks. Driven by a range of factors, including geopolitical tensions, these attacks will disrupt essential services and erode public trust. Governments and private sectors will be forced to fortify their detection systems, enhance threat intelligence sharing, and take proactive measures to defend against increasingly sophisticated and coordinated threats, including those from nation-states.
- Fallout from the “Wild West” of AI Deployment: The unchecked, mass deployment of AI tools—which are often rolled out without robust security foundations—will lead to severe consequences in 2025. Lacking adequate privacy measures and security frameworks, these systems will become prime targets for breaches and manipulation. This “Wild West” approach to AI deployment will leave data and decision-making systems dangerously exposed, pushing organizations to urgently prioritize foundational security controls, transparent AI frameworks, and continuous monitoring to mitigate these escalating risks.

Founder and CEO Darren Williams offers some thoughts on ransomware, deepfakes and infrastructure – can we make it more resilient?

- Lesser-known ransomware gangs like Hunters International will grow at an expedited rate. As threat actors’ use of AI continues to proliferate, their attack rate will allow them to work more efficiently and successfully than ever before. There’s no honor amongst thieves, and the trend of “gang-hopping” by individual cybercriminals between ransomware groups will further complicate attribution and containment efforts. Attackers will follow the money and choose financial gain over any allegiance to a group.
- Deepfake scams will be a significant frontier for digital fraud through 2025. As threat actors evolve their tactics for maximum impact, they will continue to use advanced AI-driven tools to deploy highly tailored phishing attacks. AI is also ushering in a new generation of highly convincing deepfake technology that will introduce unprecedented risks for personal and corporate brands alike. Organized crime groups are aiming to cash in by creating increasingly convincing videos impersonating executives and public figures, such as Jeff Bezos and Elon Musk.
- Collateral damage of ransomware attacks on healthcare providers will extend beyond personal records. High-profile healthcare provider attacks in 2024, from Change Healthcare in the US to pathology services provider Synnovis in the UK, were notable not only for the significant data loss but also for their impact on services and, ultimately, patient wellbeing.
Ongoing issues with resources and legacy infrastructure, along with the wealth of valuable data across the healthcare sector, mean it is perceived as a “weak link” by cyber attackers and will likely continue to bear the brunt of serious cyber attacks. As criminal gangs leverage patients’ privacy, safety, and health in ransom demands, it is vital for providers across the sector to protect their most vulnerable points to safeguard patients and staff.

Ariel Parnes, Co-Founder and COO at Mitiga, sees a convergence of threats next year:

The lethal combination of AI-powered attacks and SaaS vulnerabilities will redefine the threat landscape. In 2025, two critical trends will converge to create a perfect storm and reshape the threat landscape: the growing availability of generative AI for cybercriminals and the rapid adoption of SaaS applications.
Generative AI, with its ability to craft sophisticated, context-aware content, will empower threat actors to automatically scan SaaS environments, find vulnerabilities, and launch precise, rapid attacks. The barriers to creating adaptive phishing campaigns or exploiting SaaS misconfigurations will drop, enabling even less-skilled hackers to conduct highly targeted attacks. AI will also help attackers evade detection by continually modifying their techniques.
Meanwhile, organizations are adopting more SaaS applications, creating sprawling, interconnected environments and introducing new security challenges. Many organizations lack visibility into their SaaS ecosystems, making it difficult to monitor user behavior, detect threats, and enforce security policies consistently across applications. Traditional security tools are ill-equipped to protect the decentralized and dynamic nature of SaaS platforms. As business functions shift to the cloud, this gap in SaaS visibility and detection will remain a significant weakness for cybercriminals to exploit.
Without real-time monitoring and detection, organizations will be at a disadvantage. To counter these threats, companies must close the SaaS visibility gap by investing in advanced security tools specifically designed for cloud environments. These tools must leverage AI to keep pace with evolving threats, focusing on real-time detection, anomaly identification, and continuous monitoring across all SaaS applications.
