Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By Dr. Darren Williams, CEO and Founder of BlackFog
As we look ahead to 2025, cyberthreats are
evolving rapidly, and several key trends are likely to shape the landscape next
year.
From the rise of lesser-known ransomware
gangs who have their sights set on critical sectors, to more sophisticated and
damaging deepfakes, Dr. Darren Williams, CEO and Founder of BlackFog, has
identified the top challenges organizations are likely to face in the coming
year and beyond.
The rise of new ransomware groups will accelerate exponentially
Emerging gangs like Hunters International
are poised for rapid growth as they adopt AI-powered tools that enable them to
attack with greater speed and efficiency. As a result, successful attempts are
likely to become more frequent. A recent example of this is the Clop
ransomware gang, which gained significant traction in 2024 by using AI-driven
tactics to exploit zero-day vulnerabilities. Their attacks on high-profile
targets, such as MOVEit file transfer services, resulted in widespread data
breaches and had significant repercussions across the corporate world.
There's no loyalty in the criminal
underworld, and "gang-hopping" - where cybercriminals move between groups, chasing
the next big ransom opportunity - will continue to make group monitoring and
attack attribution more challenging for security teams. As attackers tend to follow
money over loyalty to any group, I expect to see criminal gangs evolving despite
law enforcers' best efforts to disrupt their activity.
Attackers persistently target
industries and organizations that offer them the opportunity to cause the most
significant disruption. In 2024, some of the most
damaging attacks were those in which the collateral damage extended beyond data
and systems, impacting the wellbeing and safety of individuals. Repeated
attacks on health providers hit the headlines, from the BlackCat/ALPHV attack on Change
Healthcare in February, which left many patients struggling to access care, to
the attacks in the UK on Synnovis, which led to the cancellation of patient
appointments.
Sectors such as health and education, which
face challenges with limited defense resources, outdated legacy infrastructure
and highly sensitive information, are highly attractive targets for attackers
and as such will continue to be exploited through next year.
AI-powered tools will accelerate phishing and deepfakes
Attackers continually evolve their
techniques to stay ahead of the curve and, even as organizations adopt more
advanced protection, criminals are developing ever more convincing scams. To
this end, attackers will take advantage of AI-driven tools to launch more
advanced and believable phishing attacks. The new generation of AI-generated deepfake
technology is also posing extraordinary risks, making it virtually impossible to
distinguish fake from real.
Using sophisticated methods to develop 'footage'
of high-profile figures and organizations, deepfakes not only cause significant
reputational damage, but also open up new ways for scammers to commit fraud.
Tackling alert fatigue
As security stacks continue to grow,
leaders in the field must also confront the escalating issue of alert fatigue.
This challenge stems from teams managing a multitude of disconnected tools
instead of relying on well-integrated solutions. I anticipate many security
leaders will prioritize quality over quantity, focusing on unified security
platforms, which aim to consolidate threat detection and response capabilities,
reducing duplication and alleviating alert fatigue for overwhelmed teams.
Looking ahead to next year, it's clear that
organizations will have a whole range of cybersecurity challenges to contend
with.
Ransomware continues to be a thriving
industry, with criminal gangs intent on developing new techniques and
strategies to steal data, extort money and cause mass disruption.
As cybercriminals increasingly employ
AI-powered advanced technology to target specific companies and even
individuals, organizations must proactively prepare. Regardless of their size
or sector, the reality is that they must assume they are a target and have the right
policies, procedures and tools in place to safeguard their data and effectively
recover from an attack.
ABOUT THE AUTHOR
Dr. Darren Williams, Founder & CEO, BlackFog
Dr. Williams is a serial entrepreneur and
founder of 3 technology startups. He is currently the founder and CEO of
BlackFog, Inc., a global cybersecurity company focusing on ransomware prevention
and cyber warfare. Dr. Williams has pioneered anti data exfiltration (ADX)
technology for the prevention of cyber attacks across the globe.