Emerging Threats: The Google Cloud Cybersecurity Forecast 2025 Report
The threat landscape is constantly evolving. AI-powered attacks, geopolitical tensions, and sophisticated cyber crime attacks are just a few of the challenges organizations will face in the coming year.
Google Cloud Cybersecurity Forecast 2025 report provides expert insights into the trends that will shape the future of cybersecurity. From the increasing use of AI by malicious actors to the impact of new regulations, this report offers a comprehensive look at the threats and opportunities on the horizon.
Every November, Google Cloud starts sharing forward-looking insights on threats and other cybersecurity topics to help organizations and defenders prepare for the year ahead. The recently released Cybersecurity Forecast 2025 report plays a big role in helping users accomplish this mission.
This year’s report draws on insights directly from Google Cloud's security leaders, as well as dozens of analysts, researchers, responders, reverse engineers, and other experts on the frontlines of the latest and largest attacks.
Key Threat Findings
Built on trends we are already seeing today, the Cybersecurity Forecast 2025 report provides a realistic outlook of what organizations can expect to face in the coming year. The report covers a lot of topics across all of cybersecurity, with a focus on various threats such as:
Attacker Use of Artificial Intelligence (AI): Threat actors will increasingly use AI for sophisticated phishing, vishing, and social engineering attacks. They will also leverage deepfakes for identity theft, fraud, and bypassing security measures.
AI for Information Operations (IO): IO actors will use AI to scale content creation, produce more persuasive content, and enhance inauthentic personas.
The Big Four: Russia, China, Iran, and North Korea will remain active, engaging in espionage operations, cyber crime, and information operations aligned with their geopolitical interests.
Ransomware and Multifaceted Extortion: Ransomware and multifaceted extortion will continue to be the most disruptive form of cyber crime, impacting various sectors and countries.
Infostealer Malware: Infostealer malware will continue to be a major threat, enabling data breaches and account compromises.
Democratization of Cyber Capabilities: Increased access to tools and services will lower barriers to entry for less-skilled actors.
Compromised Identities: Compromised identities in hybrid environments will pose significant risks.
Web3 and Crypto Heists: Web3 and cryptocurrency organizations will increasingly be targeted by attackers seeking to steal digital assets.
Faster Exploitation and More Vendors Targeted: The time to exploit vulnerabilities will continue to decrease, and the range of targeted vendors will expand.
More frequent cyberattacks as AI capabilities become more widely available
The Cybersecurity Forecast 2025 indicates that organisations may be hit more frequently by cyberattacks as AI capabilities become more widely available next year. The report also predicts that 2025 will be a transition year for AI in cybersecurity generally, with the technology beginning to facilitate semi-autonomous security operations ahead of becoming fully autonomous in the near future.
The integration of artificial intelligence into cyberattack strategies is emerging as a significant challenge for defenders. Attackers are expected to leverage large language models (LLMs) and AI tools to scale their efforts, automating phishing, identity theft, and social engineering attacks with alarming precision. Generative AI technologies also present a heightened risk for creating realistic deepfakes and bypassing standard identity verification measures. Organisations must prepare for adversaries that use AI to automate reconnaissance, streamline exploit development, and scale attacks in ways previously unseen.
Malicious actors will continue to use AI and large language models (LLMs) to develop and scale sophisticated social engineering schemes including phishing campaigns.
Google Cloud analysts also forecast that cyber espionage actors and cybercriminals will continue to leverage deepfakes for identity theft, fraud, and bypassing know-your-customer (KYC) security requirements.
For even more insights, hear directly from Google's security leaders: Charles Carmakal, Sunil Potti, and Phil Venables.
To download the full report, please visit https://cloud.google.com/security/resources/cybersecurity-forecast