In recent years, cybersecurity has become an increasingly relevant topic for organizations, especially given the significant increase in cyber attacks. This year, the challenge will be even more complex, with the use of Artificial Intelligence on multiple fronts by criminals—as well as the growing complexity of digital systems and the sophistication of techniques used by cybercriminals.
Defensive strategies will need to evolve to address new challenges, such as the significant increase in the exfiltration of valid credentials and the exploitation of misconfigurations in cloud environments. From this perspective, we’ve outlined the main threats that will keep CISOs awake in 2025:
Valid credentials will be the main target
The 2024 IBM Threat Intelligence Index reported a 71% increase in attacks targeting the exfiltration of valid credentials. In the services sector, at least 46% of incidents involved valid accounts, while in the industrial sector, this number was 31%.
For the first time in 2024, the exploitation of valid accounts became the most common system entry point, accounting for 30% of all incidents. This shows that it is easier for cybercriminals to steal credentials than to exploit vulnerabilities or rely solely on phishing attacks.
Cloud misconfigurations are the Achilles’ heel of companies
With so many companies using cloud environments, it is natural that the complexity of managing them continues to increase, as do the challenges—and the difficulty in finding specialized personnel. Some of the most frequent reasons for cloud data breaches involve misconfigured cloud environments: absent access controls, unprotected storage buckets, or ineffective security policy implementation.
The benefits of cloud computing must be balanced with close monitoring and secure configurations to avoid exposing sensitive data. This requires an organization-wide cloud security strategy: continuous auditing, proper identity and access management, and automation of tools and processes to detect misconfigurations before they become security incidents.
Criminals will use multiple attack techniques
The days when attacks targeted a single product or vulnerability are over. This year, one of the most alarming trends in cybersecurity will be the increasing use of multi-vector attacks and multi-stage approaches.
Cybercriminals use a combination of tactics, techniques, and procedures (TTPs), targeting multiple areas simultaneously to breach defenses. There will also be an increase in the sophistication and evasion of web-based attacks, file-based attacks, DNS-based attacks, and ransomware attacks, making it harder for traditional, isolated security tools to effectively defend against modern threats.
AI-generated ransomware will exponentially increase threats
In 2024, the ransomware landscape underwent a profound transformation, characterized by increasingly sophisticated and aggressive cyber extortion strategies. Criminals have evolved beyond traditional encryption-based attacks, pioneering double and triple extortion techniques that exponentially increase pressure on targeted organizations. These advanced approaches involve not only encrypting data but also strategically exfiltrating sensitive information and threatening its public disclosure, forcing victims to consider ransom payments to avoid potential legal and reputational damage.
The emergence of Ransomware-as-a-Service (RaaS) platforms has democratized cybercrime, allowing less technically skilled criminals to launch complex attacks with minimal knowledge. Critically, these attacks increasingly target high-value sectors such as healthcare, critical infrastructure, and financial services, demonstrating a strategic approach to maximizing potential ransom returns.
Technological innovation further amplifies these threats. Cybercriminals are now leveraging AI to automate campaign creation, identify system vulnerabilities more efficiently, and optimize ransomware delivery. The integration of high-performance blockchain technologies and the exploitation of decentralized finance (DeFi) platforms provide additional mechanisms for rapid fund movement and transaction obfuscation, posing significant challenges for law enforcement tracking and intervention.
AI-generated phishing attacks will be a major problem
The use of generative AI by cybercriminals to create phishing attacks is making phishing emails nearly indistinguishable from legitimate messages. Last year, according to Palo Alto Networks, there was a 30% increase in successful phishing attempts when emails were written or rewritten by generative AI systems. Humans will become even less reliable as a last line of defense, and companies will depend on AI-powered security protections to defend against these sophisticated attacks.
Quantum computing will pose a security challenge
Last October, Chinese researchers claimed to have used a quantum computer to break RSA encryption—a widely used asymmetric encryption method today. The scientists used a 50-bit key—which is small compared to more modern encryption keys, typically 1024 to 2048 bits.
In theory, a quantum computer could take just seconds to solve a problem that conventional computers would take millions of years to solve, because quantum machines can process calculations in parallel, not just sequentially, as is currently the case. Although quantum-based attacks are still a few years away, organizations must start preparing now. They need to transition to encryption methods resistant to quantum decryption to protect their most valuable data.
