Let’s Look at the Cyber & Political Threat Landscape for 2026

18 December 2025 alastair walker Opinion 0

This in-depth summary is from

Dr Brenton Cooper, CEO & Co-founder, Fivecast;

  1. Terror & Online Activism

Continued tensions in Eastern Europe, the Middle East, and Indo-Pacific are likely to spill over onto the home turf of AUKUS and European nations over the next 12 months.

We can already hear calls for greater vigilance from Five Eyes intelligence chiefs, such as Mike Burgess, the head of the Australian Security Intelligence Organisation (ASIO). He has been warning that Iran, Russia and China are recruiting criminals to conduct serious crimes and espionage.

In the UK, security minister Dan Jarvis warned in November 2025 about Chinese espionage activity, including the use of false recruitment specialists seeking people with access to insider knowledge in politics. He said the Chinese had a low threshold for the level of information they collect, as they use it to build a much bigger picture.

Attempts by hostile nations to use online platforms to sow division and disrupt critical national infrastructure is also likely to increase. Elections in many countries, including the US mid-term elections, will lead to more misinformation campaigns. Efforts to exploit divisions over controversial policy areas such as migration – including small boat entry to the UK – will also increase.

As political and religious extremists who oppose democratic norms continue to use the web for propaganda, recruitment, and fundraising, agencies that do not enhance their online monitoring and detection will encounter increasing gaps in their intelligence efforts.

Given the vast amount of data, policing and intelligence agencies are increasingly utilising advanced AI tools to analyse social media, niche online forums, and the dark web. Their goal is to identify and prevent serious illegal activities, many of which are planned or executed by their own citizens. Traditional manual methods are no longer sufficient, and relying solely on analysts is unfeasible due to the scale. The era of AI-driven open-source intelligence has begun.

2.

Businesses are more likely to protect themselves with advanced intelligence

The threats businesses encounter are expected to grow more complex as more nations devote resources to commercial espionage, according to security leaders like Mike Burgess, head of ASIO in Australia.

Malicious activity extends beyond just stealing intellectual property; it also involves exfiltrating information about deals or negotiations that could benefit the perpetrator’s country. Criminals may also target customer data. Additionally, as observed, foreign governments can organise direct actions, violence, and criminal damage targeting businesses.

In the UK, for example, five British men were sentenced in July 2025 for organising and carrying out arson attacks against Ukrainian-owned businesses. Groups linked to Israel have also been targeted by criminal damage. The threats posed by climate change and animal rights extremists add to the pressures faced by businesses of all sizes, especially multinational corporations.

A similar set of threats led one of our clients, a global resources firm, to adopt AI-powered open-source intelligence tools. These tools enable early warning of scams and digital threats targeting high-profile executives, as well as the detection of threat actors mobilising against the company and its facilities across social media and niche platforms.

More companies are expected to recognise the benefits of leveraging AI open-source intelligence platforms to proactively counter threats. These tools can automate the monitoring of text, images, and videos, detect hostile online narratives across multiple languages, and connect individuals or networks. Such insights will allow them to enhance physical security measures, especially where protests or unauthorised site access are anticipated by colluding activists or groups.

3.

Online foresight means forces are better prepared

In the defence intelligence communities of NATO and its allies, open-source intelligence (OSINT) will join AI and advanced analytics as part of the standard toolset for an all-source intelligence strategy.

Many are learning lessons from Ukraine about how to use open-source and social media intelligence before and during armed conflicts. The Ukraine war’s early phases saw the use of OSINT from analysis of masses of online data which provided important images of columns of Russian tanks and vehicles on the move. The net effect was to hugely augment situational awareness on the ground for the defenders.

Unauthorised or careless use of social media has enabled the enemy to track geolocation and identify units, leading to severe consequences. Ukrainians obtained valuable social media intelligence (SOCMINT) from images and videos of soldiers, equipment, and infrastructure shared on Russian platforms like VKontakte, as well as Telegram and TikTok. Conversely, on the Ukrainian side, at least one tank crew member probably contributed to their own downfall by posting photos of themselves online.

Defence and intelligence agencies will need to manage the explosion in online data to extract highly valuable intelligence insights from multiple sources. They must advance the detection and prevention of crime, terrorism and hostile nation-state activity directed against defence assets before open hostilities, for example. That includes trends in disinformation campaigns.

This demands more than simply training OSINT specialists. Intelligence teams require AI-powered tools capable of analysing large volumes of publicly and commercially available data. As the world becomes increasingly interconnected, AI-driven OSINT allows intelligence agencies to identify behaviour patterns that traditional methods might miss.

4.

Ethical AI to bring online crime out into the open

Generative AI is making threat-policing harder – and that is only going to increase. Criminals use this evolving technology for improved accuracy of phishing campaigns, and for deepfake voice and video impersonation in fraud, money-laundering and other scams.

Thanks to AI, hostile states no longer have to rely solely on criminalised data experts and hackers for their attacks. It is becoming increasingly simple to develop sophisticated disinformation campaigns.

Generative AI will create much of the content for them and automate its delivery. This will present significant challenges for all organisations – not just government agencies – in the verification and attribution of content and communications they receive.

But AI is also on the side of the good people. Access to ethically-guided, AI-driven open-source intelligence (OSINT) will be crucial for early detection of groups involved in malicious activities. AI will assist authorities in understanding information flows and identifying when content is machine-generated, with OSINT providing additional context. It can give valuable clues about the identities of the groups or actors behind suspicious activities, helping organisations assess the threat.

OSINT derived from publicly and commercially accessible sources offers behavioural insights that are not available through static databases or news outlets. Implementing ethical AI in OSINT allows organisations to combine this data effectively to meet various business needs, such as complying with KYC and AML regulations.

5.

In from the cold – open-source gets a seat at the intelligence table

Over the next 12 months we will continue to see how the fusion of intelligence sources and cross-disciplinary collaboration shape the future of intelligence. Open-source intelligence (OSINT), for so long viewed with ambivalence in certain corners of defence and intelligence, will emerge into the mainstream. Agencies will see the immense value in fusing traditional classified intelligence, derived from skilled field intelligence professionals, with OSINT.

Agencies will better understand how to use AI to correlate open-source and high-side classified intelligence at speed and at scale. These organisations will understand the full power of AI-driven OSINT platforms to identify threats across the deep and dark web and across the full range of social media channels.

The world has changed and threat actors are using these platforms very actively to recruit, transact, coordinate, influence, misinform and boast. A siloed approach to intelligence data is no longer viable, and more organisations will realise they need data fusion intelligence tools and AI-driven technology to harvest and analyse it, so they can stay on top of the full spectrum of risks.

6.

OSINT will help police and border forces spot the bad apples earlier and faster

Vetting – whether for applicants to join intelligence and police services or for immigration and visas – will become a more critical area demanding increased efficiency.

This is an area where mistakes can cost lives. In the UK, we have seen how allowing the wrong people to join police forces or gain shotgun licences can have fatal consequences, as in the cases of murderers Wayne Couzens and Jake Davison.

Police and intelligence agencies will increasingly employ open-source intelligence (OSINT) tools to expedite procedures and enhance the precision of their social media and public data analysis about individuals. OSINT can identify risk indicators by examining the full social media footprint of someone in conjunction with other data sources. Human officers cannot manage this scale of analysis due to the millions of social media users, many with multiple accounts. For instance, vetting shotgun license applications in the UK is typically carried out manually.

AI-driven OSINT technology uses a huge range of sources, including media sites and identity databases, and is likely to become more attractive to agencies tasked with vetting hundreds of thousands of illegal immigrants and asylum applicants.

Customisable analysis in today’s more advanced solutions enables agencies to configure alerts, cutting out unnecessary noise. One of our customers – a national vetting agency in the Five Eyes intelligence network – uses our solution to accelerate the processing of 6,000 to 7,000 candidates per month. It has proved to be more than 20 times faster at resolving the online identity of an applicant than manual techniques. The agency saved roughly 35,000 hours in the first four months of operation.

This system integrates smoothly with existing digital workflows. It allows for quicker, more precise screening, helping officers identify unsuitable or suspicious applications early. Nevertheless, final decisions will still be made by trained officers in every case.

7.

From police to major companies, open-source intelligence technology will be more embedded

Integrating OSINT into daily workflows will gain momentum across various fields, such as insurance-fraud detection and processing applications for licenses or tenders in security-sensitive public sector areas. Manual methods will gradually decline.

AI-powered OSINT is expanding beyond police, immigration, and security vetting, increasingly impacting the corporate sector. Enhanced configurability allows organisations to automate the monitoring of numerous sources, including commercial databases, public records, millions of social media platforms, as well as the deep and dark web. Businesses can define content thresholds aligned with their interests and combine various detection tools to activate specific rules.

Global companies are leveraging this technology to identify insider threats, scams, activist interference, and potential violent protests. Actionable insights are integrated into the workflows of key personnel, allowing them to make earlier, informed decisions by combining OSINT with other intelligence sources. For instance, insider risk monitoring can reveal sudden lifestyle changes or unexplained wealth that may indicate suspicious activity. Companies can then trace these individuals across the web and social media to identify additional concerning links.

Companies can utilise this technology to screen job applicants and contractors, as well as to stay ahead of potential threats from hostile state, extremist, or activist groups that recruit and organise online. Integrating this technology into their standard digital workflows allows them to act proactively to safeguard people and property, greatly improving situational awareness.

More companies will recognise that integrating advanced OSINT technologies into their workflows enhances their resilience.

 

About alastair walker 18382 Articles
20 years experience as a journalist and magazine editor. I'm your contact for press releases, events, news and commercial opportunities at Insurance-Edge.Net
Twitter

Related Articles

Technology

IBM Report Identifies Cyber Crime Trends 2021

25 February 2021 alastair walker Technology 0

2021 looks set to be a tough year financially for a great number of people, which could lead to more cyber crime. Insurers and brokers need to be aware of the threats and it’s worth […]

Insurance claims

Urban Jungle Notes 171% Rise in Theft Claims

29 September 2021 alastair walker Insurance claims 0

With theft claims up by 171% this summer, Urban Jungle, the home insurance provider, is encouraging city workers to watch out for their laptops and phones as our social lives resume post-lockdown. As millions enjoy pubs […]

Opinion

Scattered Spider: What is Needed to Conquer Cyber Threats in Today’s World

17 July 2024 alastair walker Opinion 0

This article is by Simon West, Director of Customer Engagement at Resilience Cybersecurity, and it looks at recent attacks and the impact they can have on businesses. Today, cyberattacks are becoming increasingly commonplace. In the […]

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.