With new code: what attacks to expect from hackers in 2025

Hackers can expect new attacks and techniques in 2025, experts have warned. Cybercriminals may find new ways to use artificial intelligence, their social engineering techniques will become even more sophisticated, and the list of potential targets for attacks may expand. Read more about how the cyber threat landscape will change in 2025 and what means of combating them will be the most relevant in the next 12 months in Izvestia's article.

What cyberattack trends will be the main ones in 2024?

The key trend in terms of cyberattacks in 2024 is the wider use of artificial intelligence (AI) technologies, says Alexey Korobchenko, head of the information security department of the company "Security Code" in a conversation with "Izvestia".

- Such technologies are used not only to create more plausible phishing attacks, such as "human" emails, scanning stolen correspondence and adjusting the style of the email to a particular user, but also to develop adaptive ransomware that can bypass defenses," the expert says.

Photo: Izvestia/Alexander Kazakov

In addition, according to Alexei Korobchenko, there has been an increase in the number of attacks that are directed not at the target organization, but at its partners, so-called supply chain attacks. As a rule, contracting organizations are worse protected than the desired target, so attackers introduce malware into their services and products, which makes it difficult to detect when the VPO ends up in the target infrastructure.

A case of burden: frequent ChatGPT outages can lead to personal data breaches

What other risks do users of OpenAI products face on a regular basis?

Another trend for 2024 is the rise of attacks to more disruptively impact IT infrastructure: in other words, often the goal of attackers is not just to cause damage, but to actually destroy the target system. Finally, in the past 12 months, experts noted an increase in the number of hacks on smart IoT devices. Security standards in this segment are not as rigid as in other areas, which is what attackers take advantage of.

How hackers' cyberattacks will change in 2025

In 2025, there is a risk of encountering cyberattacks on AI-based systems with significant damage, predicts Alexander Liskin, head of threat research at Kaspersky Lab. This class of systems is not only rapidly evolving, but is increasingly being used in critical processes.

- There are also specific risks associated with AI, which the developers of such systems are not always aware of," says the Izvestia interlocutor. - These two factors allow us to conclude that attackers may be paying closer attention to this area.

As Alexander Liskin notes, we should also expect more vulnerabilities exploited by cybercriminals, including those in systems where critical problems have not been detected before. Attacks on supply chains, including attacks through contractors and infection of popular open-source software, will also retain their place in the attackers' arsenal.

Photo: IZVESTIA/Sergey Lantyukhov

Sergei Polunin, head of the Infrastructure IT Solutions Protection Group at Gazinformservice, adds that cybercriminals in 2025 are likely to use AI in a very creative way to design attacks. And the use will be quite different - from generating dipfakes for phishing to developing exploits for specific services.

- The second point that experts predict is the strengthening of hacker groups controlled directly or indirectly by states," the expert says.

In addition, according to the expert, we should expect a kind of democratization of hacking. The fact is that access to knowledge and tools is becoming more and more simple, which means that the number of various cybercriminals should increase physically. All these things will determine the situation in the information security industry in the next 12 months, emphasizes Sergey Polunin.

What will be the main targets for cybercriminals in 2025

In 2025, the scale of cybercriminals' goals will grow, says Gennady Sazonov, an engineer in the incident investigation group of Solar 4RAYS (Solar Group). The level of attackers involved in attacks on Russian infrastructures has increased, so in the next 12 months we should expect more incidents aimed at stealing sensitive corporate data, hijacking key services, destroying key infrastructure and hacking contractors to access target networks.

- Government agencies, military-industrial complex facilities, civil industry, healthcare organizations, and IT development companies will remain in the attackers' crosshairs," says Izvestia's interlocutor.

Photo: IZVESTIA/Sergey Lantyukhov

According to the expert, private users in terms of cybersecurity in 2025 should be especially careful during the "high" periods associated with planning vacations in April and May, the return of students to school in August and September, as well as during the period of sales in November and December. This is a time when fraudsters try to use the increased interest in a particular topic to launch various fraud schemes aimed at stealing money and personal data.

Holiday bottom: experts named the top 5 fraudulent schemes for the New Year

It included fake pranks and tickets - how attackers are using neural networks and dipfakes

At the same time, organizations involved in related activities should also be more attentive to security during these periods, as attacks on business customers can directly affect the company itself. In addition, tax filing time is a traditionally dangerous period - attackers can disguise malicious links and files as tax-related documents.

- Any major federal government events are also always a busy time in terms of cyberattacks," says Gennady Sazonov. - For politically motivated attackers, attacking an event is a way to raise awareness and deliver their messages. Therefore, teams involved in the preparation of such events should take special care to protect themselves.

What defense mechanisms against cyberattacks will be relevant in 2025

Speaking about tools to protect against cyberattacks, Alexey Korobchenko notes that in 2025 the role of new-generation firewalls will continue to grow, which allow to reflect a large number of different threats and have centralized management, which is extremely important for large companies with a wide IT infrastructure. Overlay defenses will also be popular, for example, in the segment of virtualized systems.

Photo: Izvestia/Eduard Kornienko

- As for technologies, we should expect a wider introduction of AI into defense solutions," predicts Izvestia's interlocutor. - Neural networks and machine learning are already being used now, allowing, for example, to calculate an intruder who has penetrated into the IT infrastructure by specific behavioral markers.

In the coming years, organizations working in all spheres will face the task of building a more sustainable, independent and import-substituted system of national information security, which will guarantee the availability of private and public Internet services and ensure the sustainable operation of all organizations in the country, says Timur Zinniatullin, director of Angara SOC.

Photo: Izvestia/Mitriy Korotayev

According to the expert, today more attention is paid to information security issues - and this is the merit of regulatory bodies, but a significant part of the problems remains unresolved on the ground for years. Of course, there are a number of factors justifying and explaining this state of affairs, but the time when it was appropriate to apply them has passed, emphasizes Timur Zinniatullin.

- In the coming years, the unit cost of underperformance, connivance or unprofessionalism at each workplace will grow by multiples," concludes the specialist. - However, if the trend of more and more organizations paying serious attention to IS issues continues, we will have a markedly increased chance of ensuring cyber resilience in organizations, and with them, society as a whole.