Cybersecurity trends for 2025: The AI arms race continues, physical threats rise

MANILA, Philippines – US cybersecurity firm Fortinet on Tuesday, December 10, presented to the media their annual threat predictions report for 2025. 

As expected, artificial intelligence continues to generate buzz. In the cybersecurity industry, Fortinet describes an ongoing arms race between cybersecurity professionals and firms such as them, and threat actors. 

Threat actors have made use of artificial intelligence in the past year in order to make attacks more efficient, more prevalent, and more targeted. Through AI, threat actors or hackers can more easily, for example, craft more sophisticated phishing messages that may have a higher chance of reeling in a victim.

AI has also been deployed by these hackers to much more easily modify code in order to evade security updates. 

The technology has also lowered the barrier for entry for would-be hackers, much in the same way that people can now code programs with the help of large language models (LLMs). These are some of the threats being presented by AI, and Fortinet expects that such usage will only expand in the coming year. 

For their part and the part of other cybersecurity vendors, they leverage AI for detecting danger patterns across whole swaths of network that manual monitoring just wouldn’t be able to accomplish. Fortifying their software solutions is also helped along with AI tools. 

It has always been an arms race between attackers and cybersecurity vendors. The difference here is that AI scales up the speed, efficiency, and frequency of attacks, necessitating vendors to make use of similar technologies to maintain defenses. 

Aside from AI, here are the key trends to expect: 

• More attack chain expertise emerges. In recent years, attackers have provided “jack of all trades” cyber-attacks-as-a-service (CaaS) “offering buyers everything needed to execute an attack, from phishing kits to payload.” But Fortinet sees these providers increasingly embracing specialization “with many groups focusing on providing offerings that home in on just one segment of the attack chain.”
• Cloud-specific attacks to rise. While endpoint or edge devices like smartphones and computers continue to draw attention from attackers, the cloud is “piquing the interest” of cyberattackers more so than in past years. “Given that most organizations rely on multiple cloud providers, it’s not surprising that we’re observing more cloud-specific vulnerabilities being leveraged by attackers, anticipating that this trend will grow in the future.”
• Automated hacking tools make their way to dark web marketplace. “We anticipate that attackers will use the automated output from LLMs to power CaaS offerings and grow the market, such as taking social media reconnaissance and automating that intelligence into neatly packaged phishing kits,” Fortinet said. Ransomware-as-a-Service, and DDoS-as-a-Service are also found in these marketplaces. 
• Physical real-life threats will be included in cyberattackers’ playbook. Threat groups are “becoming more aggressive and destructive.”
  
  “We’re already seeing some cybercrime groups physically threaten an organization’s executives and employees in some instances and anticipate that this will become a regular part of many playbooks. We also anticipate that transnational crime — such as drug trafficking, smuggling people or goods, and more — will become a regular component of more sophisticated playbooks, with cybercrime groups and transnational crime organizations working together,” Fortinet said. 

On the positive end of things, the firm also expects that anti-adversary frameworks will expand, urging the cybersecurity community to pursue global collaborations, and private-public partnerships to keep up with evolving strategies of cybercriminals. 

Rashish Pandey, VP, marketing and communications, said, “As cybercriminals continue to evolve their tactics, 2025 is poised to bring a new wave of highly specialized and AI-driven attacks…Our predictions underscore the need for organizations to anticipate and adapt to an increasingly dynamic threat landscape.” – Rappler.com