- Статьи
- Internet and technology
- Welcome with a twinkle: what cyber threats to expect from hackers in 2026
Welcome with a twinkle: what cyber threats to expect from hackers in 2026
The cyber threat landscape in Russia may change in 2026, experts have warned. Among other things, attackers will increasingly use specialized services based on artificial intelligence (AI), which can make their actions an order of magnitude more dangerous. For details on what cyber threats to expect from hackers in 2026, how the technology of intruders will change and what will help to effectively counter them, read the Izvestia article
How will cybercrime trends change in 2026
The main threat vectors — targeted advertising, vulnerability exploitation, and attacks on supply chains — will remain the same in 2026, Alexey Korobchenko, head of the Information security department at Security Code, told Izvestia. At the same time, the massive use of specialized AI services by cybercriminals will become a key trend.
"This will lead to an increase in the scale, personalization and complexity of attacks," the expert says. — Artificial intelligence will be used to create phishing texts, deep fakes, intelligence automation and malicious code adaptation.
In turn, Dmitry Galov, head of Kaspersky GReAT in Russia, predicts that cyber attacks aimed at ordinary users will become more targeted, complex and multi—stage - cybersecurity experts already see this approach, in particular, in phishing and attacks on smartphone owners.
Attackers will continue to gain access to companies' IT infrastructures, including for the sake of espionage, distribution of ransomware programs and gaining access to financial assets, the head of BI believes.ZONE Threat Intelligence Oleg Skulkin. Nevertheless, the development of cybercriminal attacks is sure to have a new round in terms of technical implementation — they always need to enrich their arsenal with new methods and tools in order to circumvent security measures and remain unnoticed.
What new things can appear in the arsenal of hackers
New schemes and threats from cybercriminals in the coming year will appear due to the active use of artificial intelligence in conjunction with social engineering, says a data analyst at the Coordination Center for domains .RU/.Russian Federation Evgeny Pankov. AI will automate the creation and distribution of malicious resources, audio and video deepfakes, fraudulent chatbots, and forged documents.
"In turn, social engineering will be used to weaken users' vigilance through realistic and psychologically sound approaches," the Izvestia source believes. — The symbiosis of technology and manipulation will make attacks not only bigger, but also more accurate. This will increase the damage from them for both companies and individuals.
According to forecasts, by 2026, 30% of corporations will stop trusting identification systems based on facial recognition, due to the fact that deepfake technologies will continue to improve, said Nikolai Dolgov, cybersecurity expert at Angara Security. This poses a serious challenge for organizations: if you can't fully trust what you see or hear, you need a completely new trust architecture.
Another equally serious threat is attacks on artificial intelligence. As companies invest billions in AI systems, the latter become attractive targets for attacks, the specialist explains. In this regard, Prompt injection, a technique for manipulating AI models, will be one of the critical threats.
—Attackers will learn how to "inspire" artificial intelligence systems with commands that will force them to perform malicious actions,— says Nikolai Dolgov. — This can lead to the compromise of corporate AI models and the spread of compromise throughout the supply chain.
In addition, the expert expects further expansion of attack chains using "zero-day" vulnerabilities. In 2025, hackers actively exploited VPNs and firewalls — and this trend will continue next year. The difference is that AI systems will now be responsible for the development, detection and exploitation of critical vulnerabilities, which will be able to find and test exploits on a scale inaccessible to humans, Nikolai Dolgov emphasizes.
Which industries will become the main targets of cyber attacks and when?
Banks, fintech and government services will traditionally remain the main targets of cyber attacks in 2026, says Sergey Polunin, head of the Gazinformservice IT infrastructure Solutions protection group. However, in the case of massive zero-day threats in popular products, hackers will attack everything they can reach.
— In general, hackers armed with AI no longer have the problem of choosing a target: they can attack everyone at once, and this does not deplete the attackers' resources in any way, — the Izvestia interlocutor notes. — Mass participation is good when an attack is cheap, and this is just such a case.
In turn, Grigory Filatov, head of the Linx Cloud information security department, expects that in 2026, suppliers, organizations with large-scale technological production, as well as personnel of organizations against which illegal actions are planned, will be included in the main list of cybercriminals' targets.
At the same time, holidays and long weekend periods, such as New Year's holidays or May holidays, will be especially stressful in 2026, says Alexey Korobchenko. Cybercriminals traditionally become more active at this time, relying on reduced user vigilance and minimal staff of specialists in companies.
—Autumn 2026 is the period of maximum risk associated with the State Duma elections," adds Nikolai Dolgov. — Based on historical data and current trends, we can expect a peak in cyber attacks in August-September, during the pre-election period and on election days.
At the same time, as the expert notes, you should not wait for a respite in the summer. This is a time when organizations often relax their vigilance due to staff vacations, which further facilitates the attackers' tasks. Attackers use the summer months to conduct reconnaissance, prepare infrastructure, and deploy backdoors before the autumn offensive.
What will help protect against cyber attacks in 2026
The most effective tool for protecting against cyber attacks in 2026 will be the use of AI for defensive purposes, such as behavioral analysis of personnel actions, automation of incident response processes, the use of integrated cybersecurity solutions (security platform) and the gradual abandonment of point solutions, Grigory Filatov believes.
— In general, a situation is expected in which cybersecurity will finally cease to be a purely technical problem, — says the interlocutor of Izvestia. — It will be an end-to-end business discipline based on a platform-based approach with global regulation, driven by data and AI, aimed at protecting IoT and cloud environments in the face of confrontation between AI attacks and AI protection.
As for ordinary users, regardless of which new "legends" and techniques the attackers will implement, the basic rules of digital literacy remain unchanged, Dmitry Galov reminds. If you follow them, you can significantly reduce cyber risks.
In particular, it is important for users to be critical of any messages on the network, not to click on links or download files from questionable correspondence, and if the call or message seemed questionable, immediately stop communicating and double—check incoming information. In addition, it is necessary to regularly update the OS and the applications installed on the devices, as well as not download programs and other files from questionable sources.
— Protect all your accounts with strong passwords and set up two-factor authorization in those services that allow it. Finally, it is extremely important to use a reliable security solution on all your devices — PCs and smartphones," concludes Dmitry Galov.
Переведено сервисом «Яндекс Переводчик»
