Cybercrime was at an all-time high in 2024. With multiple high-profile breaches, the increase in using artificial intelligence and cyber warfare making the headlines, 2025 will be no different in many analyst’s eyes. Several different trends have been noted in 2024 and are expected to continue in 2025.
NTT, a cybersecurity group based in Tokyo, came out with a report that laid out some of the threats they see going forward. (1)The top five they see:
- AI Cybercrime. Mihoko Matsubara, Chief Cybersecurity Strategist for NTT Corporation, noted that cybercrime was increasingly driven by AI, deepfakes and other ransomware. There were arrests of actors in China and in Japan. It was reported by VIPRE group that 40 percent of fraud attempts now use AI.(2) In the US, according to Vectra AI, the government spent over 3.3 Billion in actual man power to counter this, potentially burning out operators, forcing them to use AI in conjunction with manual operations.
- Geopolitical Cyberwarfare: With increasing tensions, especially between China and the US and the ongoing war in Ukraine, there will be a rise in attacks sponsored by nations. With the recent rows by the changing US administration against China, some see the possibility that China might respond in kind with their own cyber attacks on US and allied infrastructure. Meanwhile in Ukraine, Russia and Ukraine continue to rage war in cyberspace, with Russian and Ukrainian actors potentially causing bigger damage.
- Collaboration between nations: Expanding on the above point, there could be potential collaboration between various actors. With North Korea and Russia in a military alliance, the actors associated with the former could get more comprehensive in their attacks especially against cryptocurrency.
In the world of cybercrime, English and Russian have traditionally been widely used within many communities as the international languages. Recently, it has been observed that cybercrime communities are expanding into various languages, particularly in developing countries. By enabling communication in native languages, these communities are broadening their reach, and multiple languages have been identified where entire ecosystems are being established. It is anticipated that attacks by cybercriminals using a variety of languages will increase in 2025.
- Supply Chain attacks: The global supply chain is still extremely vulnerable to cyber-attacks. Companies like Maersk will be vulnerable to another potential hack.
- Consumer protections: With the rise of said cyber-attacks, consumer protection will continue to be a priority for companies. But different events have raised concerns about if they are ready for this. One of the biggest incidents comes from the Israel-Hamas War, where pagers used by Hezbollah were tampered with and exploded remotely due to a code that was inserted into the devices. (3) According to Itaru Kamiya, Senior Researcher, NTT-CERT, one of the ways that consumers can protect themselves.is to label their products correctly. In 2025, threats to embedded products or services will continue to increase. “If every product or service discloses to consumers how the products are produced, manufactured and are delivered to consumers' hands, consumers awareness about the risk of using certain products or services will increase. Consider: In many countries, food products are required to clearly indicate the names of their ingredients. And by ensuring that food items are sealed at the production site and then displayed in stores, it is guaranteed that there will be no tampering during the distribution process. I believe that a strategy for consumer electronic products and services similar to that used for food products will be required in the future.”
Cyber crime will continue to get bigger, more complex and more damaging. With multiple different factors contributing to these trends, there is many things that a company and a person needs to be aware of. Talk with your insurance provider about what you need to do to protect yourself and come up with a gameplan for when you do get compromised by malicious actors.