Generative AI and Cybercrime-as-a-Service will be making cybercriminals more efficient and destructive at minimal outlays this year. Find out how.
In 2025, the analysts from Fortinet’s FortiGuard Labs anticipate seeing several unique trends emerge.
First, a new wave of specialized and AI-driven attacks is expected as more organized cybercriminals start offering Cybercrime-as-a-Service (CaaS).
First, a new wave of specialized and AI-driven attacks is expected as more organized cybercriminals start offering Cybercrime-as-a-Service (CaaS).
According to the firm’s Country Head (Singapore and Brunei), Jess Ng: “These trends reflect how threat actors are continually pushing the envelope as they strive to carry out more precise and large-scale attacks. Our predictions underscore the need for organizations to remain vigilant in staying ahead of the ever-evolving cyber threat landscape.”
Emerging threat trends
Five cyber trends to watch for this year, according the analysts, include:
- CaaS democratizes cybercrime further: In recent years, cybercriminals have been spending more time bolstering the reconnaissance and weaponization phases of the cyber kill chain. As a result, threat actors have been improving how they carry out targeted attacks quickly and more precisely. While CaaS providers of the past were offering customers everything needed to execute an attack (from phishing kits to payloads), many in 2025 will increasingly embrace specialization, focusing on providing offerings that home-in on just one segment of the attack chain.
- Cloud vulnerabilities set to grow: While targets such as edge devices will continue to capture the attention of threat actors, defenders must pay close attention to their cloud environments. Although cloud tech is not new, given that most organizations rely on multiple cloud providers, we expect more cloud-specific vulnerabilities being leveraged by attackers in 2025.
- AI will power the Dark Web marketplace: CaaS providers can access a seemingly endless number of attack vectors and associated code to power with AI. The firm expects this trend to flourish, with more attackers using the automated output from large language models to power neatly-packaged phishing/ransomware/social media reconnaissance and other kits to grow the market.
- Combine online threats with physical danger: Another cyber prediction is that adversaries will expand their playbooks to combine cyberattacks with physical, real-life threats. The firm’s experts have already been seeing some cybercrime groups physically threaten an organization’s executives and employees in some instances, and this will likely become a regular part of many cybercriminal playbooks. As a consequence, transnational crime (drug trafficking, smuggling people or goods, and more) will become a regular component of more sophisticated playbooks, with cybercrime groups and transnational crime organizations collaborating.
Enhancing collective cyber resilience
Cybercriminals will always find new ways to infiltrate organizations. Yet the cybersecurity community can exploit numerous opportunities to collaborate, to improve prediction of adversaries’ next moves and interrupt their activities in a meaningful way, according to Fortiguard Labs experts.
The value of industry-wide efforts and public-private partnerships cannot be overstated, and the firm anticipates that the number of organizations participating in these collaborations will grow in the coming years. Additionally, organizations must remember that cybersecurity is everyone’s job, not just the responsibility of the security and IT teams. Implementing enterprise-wide security awareness and training, for example, is a vital component of managing risk.
Finally, other entities have a responsibility to promote and adhere to robust cybersecurity practices, ranging from governments to the vendors that manufacture the security products, the FortiGuard experts reiterate.
