Fortinet Predicts Bigger, Bolder Cyberattacks in 2025

Cybercriminals are expected to use specialized and aggressive tactics in 2025, according to Fortinet's FortiGuard Labs. In a threat prediction report, Fortinet highlights that future cyberattacks will involve a specialization in attack chains, the growing vulnerabilities in cloud environments, and the integration of physical threats into digital attacks.

"Cybercriminals are upping the ante to execute more targeted and damaging attacks, adopting sophisticated strategies that combine physical and digital threats," says Derek Manky, Head of Security Strategy and Global Vice President of Threat Intelligence, FortiGuard Labs.

Fortinet's report explains that attacks as a service (CaaS) are evolving toward greater specialization, which facilitates more targeted and effective attacks. In addition, the cloud and AI are emerging as key new areas of interest for attackers, driving a shift in the threat landscape.

Report Highlights

Cybercriminals are expected to invest more time in the initial phases of the attack, such as reconnaissance and weaponization, to increase effectiveness. CaaS groups now focus on offering specialized tools for specific segments, marking an evolution from generalized kits to customized solutions for different phases of an attack.

 A growing number of attacks are expected to target cloud environments. As organizations' increasingly rely on multiple cloud providers, these infrastructures have become priority targets. Exploitation of cloud-specific vulnerabilities is anticipated to increase, posing a challenge to security strategies.

Moreover, AI is powering the CaaS market, with tools enabling automated social network recognition and the development of more advanced phishing kits. This approach accelerates the execution of attacks and amplifies the scope of attacks.

Cybercrime manuals are also expected to include tactics involving physical threats, such as direct intimidation. This approach could be integrated with transnational criminal activities, including trafficking of goods and people.

Initiatives such as the World Economic Forum's Cybercrime Atlas underscore the importance of global collaboration to mitigate risks. An increase in public-private partnerships and the development of frameworks to effectively combat threats is expected.

FortiGuard Labs highlights the need to strengthen public-private cooperation to combat cybercrime. It also stresses that cybersecurity should be a shared responsibility within organizations, driving awareness and training programs. The report argues that a collective and coordinated response is essential to anticipate and neutralize the movements of cybercriminals, ensuring the protection of businesses and society.