Artificial intelligence has given a major boost to the cybersecurity arms race in the past year. There will be no break from this race for the next 12 months. This has significant implications for corporate cybersecurity teams and employers, as well as everyday web users.

Safe experts They underlined what should be taken into consideration in 2025, stating that artificial intelligence tools can increase the scale and severity of all kinds of fraud, disinformation campaigns and other threats in the hands of bad actors.

The UK’s National Cyber ​​Security Center (NCSC) warned at the start of 2024 that AI is already being used by all types of threat actors and will “increase the volume and impact of cyber attacks over the next two years”. The threat is most visible in the field of social engineering, where generative artificial intelligence (GenAI) can help malicious actors craft persuasive campaigns in error-free local languages.

Although these trends will continue in 2025, we can also see artificial intelligence used for the following purposes:

· Authentication bypass: Deepfake technology used to help scammers impersonate customers in selfie and video-based checks for new account creation and account access.

· Business email compromise (BEC): AI was once again used for social engineering, but this time to trick the corporate buyer into transferring money to an account under the fraudster’s control. Deepfake audio and video can also be used to impersonate CEOs and other senior leaders in phone calls and virtual meetings.

· Imitation scam: Open source large language models (LLMs) will present new opportunities for fraudsters. By training these models on data collected from hacked or public social media accounts, fraudsters can impersonate victims in virtual kidnappings and other scams designed to fool their friends and family.

· Influencer scam: Similarly, we expect to see GenAI used by scammers in 2025 to create fake or duplicate social media accounts impersonating celebrities, influencers, and other public figures. Deepfake videos will be released to trick followers into handing over their personal information and money, for example in investment and crypto scams, including the kind of tricks highlighted in ESET’s latest Threat Report. This will put more pressure on social media platforms to offer effective account verification tools and badges and keep you on your toes.

· Disinformation: Hostile states and other groups will leverage GenAI to easily generate fake content to trick gullible social media users into following fake accounts. These users can then be turned into online amplifiers for influence operations that are more effective and harder to detect than content/troll farms.

· Password cracking: AI-driven tools can mass expose user credentials in seconds to gain access to corporate networks and data, as well as customer accounts.

AI privacy concerns for 2025

Artificial intelligence will not just be a tool for threat actors next year. It will also bring a high risk of data leakage. LLMs need large volumes of text, images and video to educate themselves. Often some of this data will be sensitive:

Such as biometrics, health information or financial data. In some cases, social media and other companies may change the Terms and Conditions to use customer data to train models. Once this information is collected by the AI ​​model, it poses a risk to individuals if the AI ​​system itself is hacked or if the information is shared with others through GenAI applications running on LLM.

There is also a concern for enterprise users that they may unknowingly share sensitive business information through GenAI prompts. A fifth of UK companies have inadvertently exposed potentially sensitive corporate data through employee use of GenAI, a survey has found.

AI for defenders in 2025

The good news is that AI will play a larger role in the work of cybersecurity teams in the coming year as it is incorporated into new products and services.

· Users, security teams and even A.I. creating synthetic data to train security tools

• Summarizing long and complex threat intelligence reports for analysts
• Improving SecOps efficiency for overloaded teams by contextualizing and prioritizing alerts and automating workflows for investigation and remediation
• Scanning large data volumes for signs of suspicious behavior
• Skilling IT teams through “co-pilot” functionality built into a variety of products to help reduce the possibility of misconfiguration

However, IT and security leaders A.I. It must also understand its limitations and the importance of human expertise in decision-making. A balance between human and machine will be needed in 2025 to reduce the risk of delusions, pattern distortion, and other potential negative outcomes. A.I. It is not a magic wand. It should be combined with other tools and techniques for optimum results.

AI challenges in compliance and implementation

The evolution of the threat landscape and AI security does not occur in a vacuum. Geopolitical changes in 2025, especially in the United States, could even lead to deregulation in the technology and social media sectors.

This could enable scammers and other malicious actors to flood online platforms with AI-generated threats. Meanwhile, in the EU, there is still some uncertainty around AI regulation, which could make life more difficult for compliance teams. As legal experts note, codes of practice and guidance still need to be sorted out and liability calculated for AI system failures. Lobbying from the tech sector could change how EU AI law is implemented in practice.

What is clear, however, is that artificial intelligence will fundamentally change the way we interact with technology in 2025, for better and for worse. While it offers great potential benefits for businesses and individuals, it also poses new risks that need to be managed. It would be in everyone’s interest to work more closely over the next year to make sure this happens. Governments, private sector businesses and end users must do their part and work together to harness the potential of AI while mitigating its risks.

The year 2024 stood out as a critical year in terms of cyber security, with increasing threats in the digital world. In this year of fighting against the threats brought by artificial intelligence, cyber criminals have made their attack methods more effective by taking advantage of developing technologies.

It has been accepted by experts that developing technologies will pose a threat to cyber security in 2025, as in 2024. With the developments in artificial intelligence, quantum computers, IoT devices and cloud technologies, the cost of cyber attacks is expected to reach 12 trillion dollars worldwide in 2025.

5 that will stand out in 2025 cyber security threat

1. The Great Danger Emerging from Quantum Computer: Researchers at Shanghai University in China claim to have found a way to break the most common online encryption method using quantum computers of just 372 qubits.

This effectively demonstrates that advances in niche quantum methods can pose small-scale cryptographic risks, highlighting a gradual progression towards large-scale quantum threats. Experts predict that quantum computers could be powerful enough to break current encryption methods as early as 2025. That’s why it’s critical for organizations to move to encryption methods that can resist quantum decryption before it’s too late.

2. Artificial Intelligence Supported Cyber ​​Attacks: In 2024, attacks powered by artificial intelligence were seen to be effective, especially through methods such as social engineering, phishing, and deepfake. AI-enabled social engineering attacks accounted for 35-37% of all cyber attacks, and this proportion is expected to increase further in 2025.

In addition, attackers, who used natural language processing technology offered by artificial intelligence to make phishing emails more believable, managed to deceive 60% of target users, and the average cost of these attacks for businesses was recorded as 4.88 million dollars.

We predict that in 2025, in addition to the increase in all these attack methods, automatic tools that can exploit security vulnerabilities in real time will be effective in artificial intelligence-oriented cyber attacks.

3. Internet of Things (Iot) and Cloud Security: The development of IoT devices and the transition of businesses to cloud platforms will also increase cyber risks. Attacks on these devices increased by 35% in 2024. On the cloud security side, misconfigurations continued to be the main cause of cyber attacks in 2024. According to research, 83% of organizations report that weaknesses in authentication and access management are a factor in cloud data breaches.

It is predicted that by 2025, more than 90% of companies will use more than one cloud platform and the number of IoT devices will exceed 32 billion. Since many IoT devices, such as smart home technology and sensors, do not meet appropriate security measures, the increase in the number of devices makes them an easy target.

4. Digital Asset Security and Cryptocurrency Thefts: In 2024, digital asset security and cryptocurrency thefts continued to be an important target of cybercrime. In the first half of the year, losses from cryptocurrency thefts reached approximately $1.4 billion. In the second quarter in particular, losses exceeded $600 million, a 100% increase compared to the previous year.

In 2025, as the cryptocurrency market grows further, digital wallets and decentralized finance (DeFi) platforms will be at the forefront among the targets of cybercriminals. “Phishing” attacks and smart contract vulnerabilities, especially against wallets, can cause serious financial losses for individuals and institutions.

5. Cyber ​​Threats on Social Media: Social media platforms will continue to be a major ground for phishing attacks and data leaks. According to Meta’s 2024 security report, such attacks increased by 28% compared to last year.

It is estimated that in 2025, methods such as deeply personalized phishing attacks, artificial intelligence-supported fake profiles and deepfake videos will be used more frequently. Cybersecurity teams will also increasingly rely on AI-powered tools to detect and counter these threats. Individuals and organizations that do not take sufficient cyber security precautions and do not gain awareness against these threats may face serious risks.