In 2025, how can we build effective protection systems through collective intelligence sharing, defence improvements, and strategic responses to emerging threats? Here are eight cyber threats we predict will foster more global cyber collaborations:

1. AI-driven manipulations and cyberattacks

As AI becomes more embedded in business operations and critical infrastructure, the risks of exploits, data exposures, disinformation, and other threats continue to rise because security and governance protocols are lagging.

This is exposing sensitive data, credentials, and critical assets vulnerable to attacks. While some risks are accidental, it is clear that threat actors are increasingly using AI for nefarious purposes. Generative AI (GenAI) and large language models will play a key role in Cybercrime-as-a-Service (CaaS), automating the creation and deployment of cyber threats.

Despite its potential for misuse, AI is tipping the scales in favor of cyber defenders.

2. Rising geopolitical threats

Today’s geopolitical sensitivities motivate cyber threat activities, driving cybercrime, including hacktivism, spyware, critical infrastructure as well as supply chain disruptions. The damage from these activities can potentially create an even more disastrous impact — rampant centralization as a direct consequence of de-globalization.

Centralizing critical systems and resources without proper redundancy or backups increases vulnerabilities, making countries easier targets for threat actors’ attempts at creating large scale service outages.

Such attacks are only expected to increase as cross-border tensions persist.

3. Deepfake and synthetic-media exploits

Deepfake technology is also rapidly evolving and becoming a tool for misinformation/disinformation, brand abuse, fraud, and privacy violations.

Synthetic media, including deepfakes, involves altering voices, images, and message components to manipulate viewers and listeners into taking specific actions.

Such dubious content is increasingly challenging for biometric verification systems, allowing fraudsters to bypass security measures and gain unauthorized access to systems and data.

We are also seeing synthetic representations of officials and celebrities either soliciting funds or spreading fake news and propaganda, prompting authorities to enhance deepfake detection and protection strategies to mitigate reputational and financial risks.

4. Shapeshifting and hyper-scaling fraud

Fraudsters are finding innovative ways to exploit AI for scam automation, marketing, and distribution. Deepfake technology, social engineering ploys, automated chats, emails, and phone calls are now used to create even more convincing fraud platforms, online affiliate programs, and fabricated identities and credentials for deception.

Scam call centers are now forming an illegal global economy with crime networks’ financial schemes now either involving individuals directly (through trafficking to scamming compounds) or indirectly (by luring people into fraudulent activities). To capitalize on this opportunity, cybercriminals will continue targeting the world’s most mature economies, with greater access to potential vulnerabilities such as exploitable legal measures, enforcement mechanisms, and other evolving tactics.

An effective defence against fraud will require collective intelligence sharing among financial institutions, covering fraud schemes, mule accounts, and counterstrategies. This collaboration safeguards clients and fosters global efforts to combat scams and disinformation.

5. Hackings of autonomous systems

Self-driven, self-learning models that solve human problems without manual intervention are becoming a reality. As these technologies grow, securing them against cyber threats will be crucial.

These AI-powered systems create opportunities for cybercriminals to exploit predictability through sophisticated attacks, such as adversarial techniques, data manipulation, system exploits, and unauthorized intrusions. This is especially concerning for IT/OT and critical infrastructure sectors, where autonomous systems support industries such as mechanical process guidance.

6. Your “neighbor” may become your vulnerability

It is no longer enough to manage just the security of your own business systems. Organizations must manage ”neighbor” vulnerabilities as well. Through “nearest neighbor attacks”, cybercriminals exploit organizations’ system weaknesses though weak links such as their supply chain partners. How can organizations defend against lateral attacks originating from devices they neither own nor manage?

7. Cloud targeting

Global corporate transitions to cloud technology is creating more inroads for attackers. Common challenges such as data migration vulnerabilities, network security misconfigurations, insecure APIs, access management flaws, and weak encryption practices only amplify these risks. Lax security in configuring, accessing, and managing cloud infrastructure can leave organizations more exposed.

Regular cloud infrastructure audits, automated monitoring tools, and strict hygiene measures are essential to prevent threats such as cloud jacking, privacy breaches, and ransomware.

8. Identity-based attacks

Identity exploitation is a growing concern, with current security practices failing to curb it. Attackers will continue exploiting weaknesses in authentication methods. Once credentials are compromised, attackers can impersonate users across platforms, bypassing even two-factor authentication. This enables fake accounts, cross-IDP impersonation, and multi-access attacks.

As adversaries exploit systems for malicious purposes, verification methods must evolve to combat identity-based attacks and fraud. Adaptive verification can surpass two-factor and multifactor authentication based on risk factors such as location, device integrity, and behavior.

With increasing synthetic-identity fraud and system exploits, multifactorial verification may become standard, especially in sectors such as banking and finance.