As we advance further into the digital age, the cybersecurity landscape continues to evolve at an unprecedented pace. Google has released its cybersecurity forecast for 2025, and it's interesting.
It's interesting to see how the threat landscape changes every year, and 2025 definitely feels different. This authoritative report, featuring insights from leading security experts, including Sunil Potti, VP/GM of Google Cloud Security, and Sandra Joyce, VP of Google Threat Intelligence, offers a detailed roadmap for organizations navigating the increasingly complex threat landscape.
AI: Good and Bad
Artificial Intelligence (AI) is creating a battlefield that all criminals want to be in. Cybercriminals can automate and expand the use of operational phishing attacks, voice phishing, or even social engineering, including deepfakes, that have become almost indistinguishable, particularly with the help of generative AI.
Still, it's not all bad. Google does talk about the good of AI. The bad is a relatively new issue. AI is helpful for defenders with newly established semi-autonomous Security Operations Centers (SOCs) that are driven by AI and support collecting large datasets to streamline attacks by identifying and addressing the most pressing issues.
To combat the rise of AI tools scraping personal information from the web (and data brokers who sell and trade that information for profit), data removal tools have been developed.
Data removal services automate the process of takedown requests, allowing anyone to request their information be removed from databases so that one person can get hundreds or thousands of requests processed—greatly reducing spam and scam attempts, as well as identity theft risks.
The "Big Four" and Geopolitical Threats
Google names Russia, China, Iran, and North Korea the most state-affiliated cyber threat landscapes - the big four, they're calling it. These state actors are expected to continue sabotaging critical infrastructures globally.
Espionage, ransomware, and information operations are what they're using for these state-actor-sponsored attacks. For example, these nations can use AI-enhanced content creation to whitewash people's perceptions towards them and build a platform of lies with high credibility. It happened with the US elections.
Such uncontrolled criminals are now planning their moves, and businesses and governments must evolve, build up their defenses, and prepare for these threats.
The Ransomware Evolution
Ransomware is one of the most problematic types of cybercrime and poses a threat that keeps escalating - one study found that 59% of organizations were the victim of ransomware attacks in 2024.
Google points out that there is a trend of more complex forms of extortion, where criminals encrypt files and broker sensitive information.
This condition increases the chances of existing clients settling for the criminal's demand, increasing the chances of success and damages caused by ransomware. And that's exactly what's happening - 16.3% of organizations paid the ransom in 2024 compared to 6.9% in 2023.
Organizations must be well prepared by having enough systems and proper incident management.
Infostealer Malware and Post-Quantum Challenges
Infostealer specializes in malware with low-complexity encryptions and attacks, and the concentration of the minimum risk is bearing good results.
That enables low-level threat actors to access high-credential breached organizations and steal credentials and sensitive information.
According to Google, such campaigns might grow in number in 2025, making establishing adequate security mechanisms on endpoints essential.
Quantum computers also form part of the threat landscape. Even though these are still in the early days - recent developments are only just happening in China - quantum technology has the potential to compromise current encryption systems. Organizations are advised by Google to take action to prepare for the potential threat of post-quantum cryptography, which would jeopardize the safekeeping of their data.
Conclusion
Google's Cybersecurity Forecast 2025 is crucial for organizations preparing for future security challenges. The report emphasizes the need for a proactive, comprehensive approach to cybersecurity that combines technological innovation with strategic planning.
As VP of TI Security & CISO at Google Cloud, Phil Venables, notes, "2025 is going to be the year when AI moves from pilots and prototypes into large-scale adoption." Organizations must adapt their security strategies while leveraging new defensive capabilities to avoid evolving threats.
This forecast underscores the importance of maintaining robust cybersecurity measures while preparing for emerging challenges in our increasingly connected world. Organizations that embrace these insights and implement recommended strategies will be better positioned to protect their assets and maintain operational resilience in 2025 and beyond.
So, as you can see, the threat landscape is changing. There's so much to think about in 2025, and it'll be interesting to see how correct Google's forecast is.