TEL AVIV, Israel, Dec. 19, 2024 /PRNewswire/ -- CYFOX, the trusted cybersecurity platform for MSSPs, unveils the 'Top Emerging Cyber Threats of 2025.' The world of malware is evolving rapidly, with fast paced technological developments and global geopolitical tensions creating a reality where cyber threats are more complex and dangerous than ever.
"2025 is expected to be a turning point in the cyberspace, with attackers focusing on high-value targets, combined with the increasing use of artificial intelligence and other advanced technologies to create custom-made malware," says Nir Yehoshua, Director of Research at CYFOX. In addition, trends such as the wider use of cloud technologies, proliferation of networked (IoT) devices, and a growing dependence on digital services will increase threats to organizations and individuals alike.
1. Moving from broad attacks to more targeted attacks
In the past, most of the attacks aimed to hit as many victims as possible, however looking ahead to 2025, attackers are expected to shift their focus to specific high-value targets. This trend will be supported by the increasing use of artificial intelligence, which enables the identification of unique vulnerabilities in specific systems.
Looking ahead to next year, the growing capabilities of generative AI will likely increase the risk of cyber threats. With platforms like LinkedIn and social networks making it easier for attackers to gather personal information, they can launch more targeted and effective attacks. The combination of social media and generative AI will also lead to more convincing scams and impersonations, allowing cybercriminals to craft deceptive attacks that are harder to spot. As these threats evolve, it will be crucial to stay alert and strengthen security measures
2. Integrating AI Tools into Malware and Dataset-Based Attacks
CYFOX estimates that attackers will continue to leverage artificial intelligence to upgrade their attack methodologies and tools. In 2025, we expect to see increased use of AI to create custom made malware, which may bypass traditional security systems, such as EDR, Firewall, IDS, while learning the defense mechanisms of these systems to adapt its behaviour accordingly.
A particularly concerning development in 2025 will be the rise of dataset-based attacks. these attacks exploit training data from artificial intelligence (AI) or machine learning (ML) systems, influencing their performance and decision-making. They are especially common in systems that rely on data learning to make autonomous decisions or predictions.
As machine learning systems rely heavily on high-quality data to make accurate predictions, attackers may target and compromise these datasets, causing the models to learn incorrect patterns or develop vulnerabilities. This opens the door for targeted attacks or for deceiving the system entirely, which these types of attack could become a major threat in 2025
3. The use of Stealer Malware will increase
Stealer Malware will continue to establish itself as a major threat actor and will become a key tool in the toolbox of attack groups, with a special emphasis on stealing access data, financial information, and sensitive files from personal and professional systems. CYFOX predicts that in 2025 we will see a growing focus on the use of this type of malware, with attackers using sophisticated AI-based tools to effectively hide their traces and improve their stealth and evasion capabilities.
According to CYFOX MailSecure research team, there has been a significant increase in the detection of this type of malware in recent months, with 30% of all detections. This is a sophisticated malware that uses advanced techniques to steal information, including passwords, email data, and financial information found on infected systems.
One of the well-known examples of stealer malware is Agent Tesla malware, which, despite its lack of complexity, is perceived as an effective malware for stealing a wide range of data, which explains its popularity among various, not always very technical, attackers. This underscores the critical importance of continuously identifying and neutralizing such threats.
4. Geopolitical Risks
Espionage, cybercrime, and information operations will remain ongoing strategies for nations to pursue their geopolitical interest.
In recent years, especially since the start of the Iron Swords war (Israel-Hamas 2023 war), Israel has been facing ongoing cyberattacks from Iranian-backed threat actors and other groups supported by the Iranian regime. These attacks are aimed at critical infrastructure, including energy, water, transportation, strategic targets, government agencies, and defense industries. The goal is to disrupt Israel's economy and undermine the stability of the state. Since the war began, CYFOX's research team has been tracking these targeted attacks to enhance our security solutions for the benefit of its customers.
The tension in the region poses a significant challenge not only to Israeli entities, but also to its allies, which could be indirect targets through supply chain attacks.
In the first week of the Iron Swords War, CYFOX XDR detected intensive activity by an attack group affiliated with Iran and pro-Palestinian entities. The malware, called BiBi, was targeting Israeli companies and was intended to infiltrate critical systems, collect sensitive information, and carry out disruptive actions designed to undermine the ability of the attacked organizations to respond and recover.
5. Increase in supply chain attacks
Attack groups are expected to focus their efforts on targeting the supply chains of large companies. Instead of attacking the primary and protected target, they will attack suppliers or partners to exploit the connections between them and penetrate these systems.
At the end of 2024, a supply chain attack was unveiled, in which attackers were able to inject a malicious version into a key software tool used by many companies. The attack was designed to steal private keys—sensitive data that allows access to secure systems or digital assets. These types of attacks exploit organizations' dependence on external components or services, such as software libraries or tools provided by third parties. Rather than directly targeting a well secured organization, attackers increasingly focus on its suppliers and partners, which often lack the same level of security. By exploiting these weaker links in the supply chain, they can bypass the advanced security measures of the primary target. CYFOX estimates that 2025 will see an increase in supply chain attacks, using more sophisticated methods. These attacks are expected to cause significant damage to critical assets in organizations that depend on external software components and services. The time to exploit vulnerabilities will continue to decrease, and the range of targeted vendors will expand.
According to Joseph (Yossi) Tal, CEO of CYFOX: "With the increased foot print in the global markets, CYFOX holds a real time sense on emerging trends and with the LLM and AI based SoC-as-a-Service, XDR, EDR, Mail Security tools, CYFOX can provide a real time protection and incident response, leveraging our MSSP's partners globally."
About CYFOX
CYFOX is a cybersecurity company specializing in providing cyber solutions based on advanced AI and ML technologies, including EDR, XDR, Mail Security, and more. CYFOX products utilize sophisticated artificial intelligence models, significantly reducing the need to address false flags and enables organizations to focus on genuine security incidents. CYFOX's solutions ensure high accuracy and provide real-time responses against a wide range of cyber threats. CYFOX's offerings are complemented by an MDR shell, providing 24/7 monitoring and incident response, enabling organizations with peace of mind and allowing them to focus on their core business operations while CYFOX takes responsibility and handles real-time cybersecurity monitoring and protection. CYFOX aims to deliver high-value solutions at a competitive price, ensuring that even smaller organizations can benefit from cutting-edge cyber protection. For more information, see https://www.cyfox.com.
SOURCE Cyfox
Share this article