Bigger, bolder and better cyber-attacks predicted for 2025


International Security Journal hears from Derek Manky, the Chief Security Strategist and Global VP Threat Intelligence for FortiGuard Labs on the company’s predictions for ‘bigger, bolder and better attacks’.

While threat actors continue to rely on many “classic” tactics that have existed for decades, our threat predictions for the coming year largely focus on cyber-criminals embracing bigger, bolder and better attacks.

From Cybercrime-as-a-Service (CaaS) groups becoming more specialised to adversaries using sophisticated playbooks that combine both digital and physical threats, cyber-criminals are upping the ante to execute more targeted and harmful attacks.

In the 2025 threat predictions report, our FortiGuard Labs team looks at tried-and-true attacks cyber-criminals continue to rely on and how these have evolved, shares fresh threat trends to watch for this year and beyond and offers advice on how organisations worldwide can enhance their resilience in the face of a changing threat landscape.

Emerging threat trends

FortiGuard anticipates several unique trends emerging in 2025 and beyond, driven by the ever-growing cybercrime affecting businesses. FortiGuard’s expectations for 2025 include:

More attack chain expertise emerges:

  • In recent years, cyber-criminals have been spending more time “left of boom” on the reconnaissance and weaponisation phases of the cyber kill chain
  • As a result, threat actors can carry out targeted attacks quickly and more precisely
  • In the past, FortiGuard has observed many CaaS providers serving as jacks of all trades, offering buyers everything needed to execute an attack, from phishing kits to payloads
  • The company expects that CaaS groups will increasingly embrace specialisation with many groups focusing on providing offerings that home in on just one segment of the attack chain

It’s cloud(y) with a chance of cyber-attacks:

  • While targets like edge devices will continue to capture the attention of threat actors, there’s another part of the attack surface that defenders must pay close attention to over the next few years: their cloud environments
  • Although cloud isn’t new, it’s increasingly piquing the interest of cyber-criminals
  • Given that most organisations rely on multiple cloud providers, it’s not surprising that we’re observing more cloud-specific vulnerabilities being leveraged by attackers, and we anticipate that this trend will grow in the future

Automated hacking tools make their way to the Dark Web marketplace:

  • A seemingly endless number of attack vectors and associated code are now available through the CaaS market, such as phishing kits, Ransomware-as-a-Service, DDoS-as-a-Service and more
  • While we’re already seeing some cyber-crime groups rely on AI to power CaaS offerings, we expect this trend to flourish
  • We anticipate that attackers will use the automated output from LLMs to power CaaS offerings and grow the market, such as taking social media reconnaissance and automating that intelligence into neatly packaged phishing kits

Playbooks grow to include real-life threats:

  • Cyber-criminals continually advance their playbooks with attacks becoming more aggressive and destructive
  • We predict that adversaries will expand their playbooks to combine cyber-attacks with physical, real-life threats
  • We’re already seeing some cyber-crime groups physically threaten an organisation’s executives and employees in some instances and anticipate that this will become a regular part of many playbooks
  • We also anticipate that transnational crime, such as drug trafficking, smuggling people or goods and more, will become a regular component of more sophisticated playbooks, with cyber-crime groups and transnational crime organisations working together

Anti-adversary frameworks will expand:

  • As attackers continually evolve their strategies, the cybersecurity community at large can do the same in response
  • Pursuing global collaborations, creating public-private partnerships and developing frameworks to combat threats are all vital to enhancing our collective resilience
  • Many related efforts like the World Economic Forum Cybercrime Atlas initiative (of which Fortinet is a founding member) are already underway and we anticipate that more collaborative initiatives will emerge to meaningfully disrupt cyber-crime

Enhancing collective resilience against an evolving threat landscape

Cyber-criminals will always find new ways to infiltrate organisations.

Yet there are numerous opportunities for the cybersecurity community to collaborate to better anticipate adversaries’ next moves and interrupt their activities in a meaningful way.

The value of industry-wide efforts and public-private partnerships cannot be overstated and we anticipate that the number of organisations participating in these collaborations will grow in the coming years.

Additionally, organisations must remember that cybersecurity is everyone’s job, not just the responsibility of the security and IT teams.

Implementing enterprise-wide security awareness and training, for example, is a vital component of managing risk.

Other entities have a responsibility to promote and adhere to robust cybersecurity practices, ranging from governments to the vendors that manufacture the security products we rely on.

No single organisation or security team can disrupt cybercrime alone.

By working together and sharing intelligence across the industry, we’re collectively better positioned to fight back against adversaries and effectively protect society at large.
