Fortinet Cyberthreat Predictions for 2025: Get Ready for Bigger, Bolder, AI-Driven Attacks



AI adoption and threat actors’ increasing sophistication in improving

cyber-attacks will be countered by the expansion of cybersecurity frameworks

and efforts to enhance collective resilience


Makati City, Philippines, 10 December 2024


Fortinet, the global cybersecurity leader driving the convergence of networking and security, has unveiled its 2025 Cyberthreat Predictions Report, offering critical insights into the evolving cyber-attack landscape. While adversaries continue to leverage classic tactics that have persisted for decades, the report highlights a shift toward more ambitious, sophisticated, and destructive strategies. Cybercrime-as-a-Service (CaaS) groups are becoming increasingly specialized, and attackers are adopting playbooks that blend digital and physical threats to execute highly targeted and impactful attacks.


Developed by FortiGuard Labs, the report examines the evolution of traditional attack methods, emerging trends shaping the future of cybercrime, and actionable recommendations for organizations to strengthen their resilience. It provides a forward-looking view of the challenges posed by a rapidly changing threat landscape and equips businesses with the insights needed to proactively defend against advanced cyber threats.


Emerging Threat Trends to Watch for in 2025 and Beyond


As cybercrime evolves, we anticipate seeing several unique trends emerge in 2025 and beyond. Here’s a glimpse of what we expect.


  • More Attack Chain Expertise Emerges: In recent years, cybercriminals have been spending more time “left of boom” on the reconnaissance and weaponization phases of the cyber kill chain. As a result, threat actors can carry out targeted attacks quickly and more precisely. In the past, we’ve observed many CaaS providers serving as jacks of all trades—offering buyers everything needed to execute an attack, from phishing kits to payloads. However, we expect that CaaS groups will increasingly embrace specialization, with many groups focusing on providing offerings that home in on just one segment of the attack chain.

  • It’s Cloud(y) With a Chance of Cyberattacks: While targets like edge devices will continue to capture the attention of threat actors, there’s another part of the attack surface that defenders must pay close attention to over the next few years: their cloud environments. Although cloud isn't new, it's increasingly piquing the interest of cybercriminals. Given that most organizations rely on multiple cloud providers, it’s not surprising that we’re observing more cloud-specific vulnerabilities being leveraged by attackers, anticipating that this trend will grow in the future.

  • Automated Hacking Tools Make Their Way to the Dark Web Marketplace: A seemingly endless number of attack vectors and associated code are now available through the CaaS market, such as phishing kits, Ransomware-as-a-Service, DDoS-as-a-Service, and more. While we’re already seeing some cybercrime groups rely on AI to power CaaS offerings, we expect this trend to flourish. We anticipate that attackers will use the automated output from LLMs to power CaaS offerings and grow the market, such as taking social media reconnaissance and automating that intelligence into neatly packaged phishing kits.

  • Playbooks Grow to Include Real-Life Threats: Cybercriminals continually advance their playbooks, with attacks becoming more aggressive and destructive. We predict that adversaries will expand their playbooks to combine cyberattacks with physical, real-life threats. We’re already seeing some cybercrime groups physically threaten an organization’s executives and employees in some instances and anticipate that this will become a regular part of many playbooks. We also anticipate that transnational crime—such as drug trafficking, smuggling people or goods, and more—will become a regular component of more sophisticated playbooks, with cybercrime groups and transnational crime organizations working together.

  • Anti-Adversary Frameworks Will Expand: As attackers continually evolve their strategies, the cybersecurity community at large can do the same in response. Pursuing global collaborations, creating public-private partnerships, and developing frameworks to combat threats are all vital to enhancing our collective resilience. Many related efforts—like the World Economic Forum Cybercrime Atlas initiative, of which Fortinet is a founding member—are already underway, and we anticipate that more collaborative initiatives will emerge to meaningfully disrupt cybercrime.


Enhancing Collective Resilience Against an Evolving Threat Landscape


Cybercriminals will always find new ways to infiltrate organizations. Yet there are numerous opportunities for the cybersecurity community to collaborate to better anticipate adversaries’ next moves and interrupt their activities in a meaningful way. 

 

The value of industry-wide efforts and public-private partnerships cannot be overstated, and we anticipate that the number of organizations participating in these collaborations will grow in the coming years. Additionally, organizations must remember that cybersecurity is everyone’s job, not just the responsibility of the security and IT teams. Implementing enterprise-wide security awareness and training, for example, is a vital component of managing risk. And finally, other entities have a responsibility to promote and adhere to robust cybersecurity practices, ranging from governments to the vendors that manufacture the security products we rely on. 


No single organization or security team can disrupt cybercrime alone. By working together and sharing intelligence across the industry, we’re collectively better positioned to fight back against adversaries and effectively protect society at large.

 

Supporting Quotes:


Rashish Pandey, VP, Marketing & Communications, Asia / ANZ

“As cybercriminals continue to evolve their tactics, 2025 is poised to bring a new wave of highly specialized and AI-driven attacks. From the rise of Cybercrime-as-a-Service to the convergence of cyber and physical threats, these trends reflect how adversaries are pushing boundaries to execute more precise, large-scale attacks. Our predictions underscore the need for organizations to anticipate and adapt to an increasingly dynamic threat landscape.”


Alan Reyes, Country Manager, Fortinet Philippines 

“As cybercriminals adopt more sophisticated and impactful methods to execute attacks, the role of AI in cybersecurity becomes increasingly vital. AI enhances defenses by automating threat detection and response while streamlining operations for security teams. Fortinet’s AI-driven cybersecurity platform empowers organizations to be protected against both current and emerging threats, enhance their security posture, and build resilience in a constantly evolving threat landscape. Advancing public-private partnerships and adopting robust cybersecurity practices are also essential to countering cybercrime. Together, these measures can enable organizations to safeguard critical assets and remain protected against future risks.”




Download a copy of our full predictions report for 2025.


Learn more about Fortinet’s FortiGuard Labs threat research and intelligence organization and the FortiGuard Security Subscriptions and Services portfolioSign up for FortiGuard Outbreak Alerts to stay up to speed on the latest breaking threats.

Learn more about Fortinet’s free cybersecurity training, an initiative of Fortinet’s Training Advancement Agenda, or about the Fortinet Network Security Expert programAcademic Partner program, and Veterans program.




Post a Comment

0 Comments