Trend Micro released its 12 Cybersecurity Predictions today (December 16th), noting that hackers will continue to leverage AI technology to accelerate attack efficiency, expand attack scale, and create more realistic text and video content for AI-powered fraud. They will also seek out the most accessible and least invasive routes, such as abusing legitimate tools and attacking publicly accessible data. Furthermore, AI agents have become a coveted target for hackers. AI system vulnerabilities could be exploited to trick AI into performing harmful or unauthorized actions or even impersonating individuals. Both businesses and individuals must be vigilant against any potential cybersecurity risks posed by AI.
Trend Micro Taiwan General Manager Hung Wei-kan stated, "Advances in generative AI will make hacker attacks more stealthy and efficient. We predict that by 2025, hackers will fully exploit AI applications to make cybercrime even more devastating. Faced with the irreversible progress of AI, global cybersecurity risks and pressures are bound to intensify. Enterprises should shift from being reactive to proactive and adopt a risk-based cybersecurity approach for comprehensive risk assessment and management. As citizens of the AI era, everyone needs to strengthen cybersecurity awareness to ensure the responsible and safe use of AI."
AI-driven threat evolution: Fraud methods are becoming more realistic and efficient, and AI agents are becoming hacker targets.
Trend Micro predicts that the use of AI to continuously launch new social engineering scams will be one of the development focuses of hackers. For example, deepfake technology can be used to make social engineering scams more realistic and personalized. By simply using an individual's public posts to train a large language model (LLM), it is possible to imitate their writing style, knowledge and personality, and accurately attack the target. Enterprises must be particularly vigilant against face-changing scams (BEC) and AI face-changing scams that impersonate employees.
In addition, KYC bypass services (Bypass-KYC-as-a-service) have also become quite popular in the underground market in recent years. The three key elements that make up this service are the unintentional exposure of biometric information, leaked or stolen personal identification information, and increasingly powerful AI capabilities. The financial and insurance industries need to be cautious about this.
On the other hand, the AI agent systems that businesses are increasingly deploying to improve operational efficiency will become increasingly attractive targets for hackers. Hackers could hijack AI agents or exploit vulnerabilities in these systems to trick them into performing unauthorized or harmful actions, such as processing malicious commands, facilitating the leakage of sensitive data, or generating fake digital identities to deceive AI systems. Trend Micro recommends that businesses prioritize vulnerability and attack surface management and leverage basic data intelligence. They should also be vigilant against AI software supply chain attacks to avoid collateral damage caused by vulnerabilities in AI agents or suppliers.
Ransomware strategies shift, targeting Taiwanese SMEs
Trend Micro observes that ransomware groups are shifting their business models, reducing their reliance on phishing emails and instead leveraging stolen account information to directly access victim systems. They frequently incorporate malicious advertising to steal information, using data from corporate networks for subsequent ransomware attacks. Furthermore, according to Trend Micro Taiwan's security incident response service case statistics, nearly 2024% of targeted ransomware incidents in XNUMX will occur at small and medium-sized enterprises (SMEs), predicting that SMEs will continue to be targets of hacker attacks.
APT attacks continue, and supply chains must be integrated into cybersecurity risk management
As the international political landscape evolves, nation-state hacker groups such as Lazarus, Turla, and Pawn Storm are expected to remain active and intensify their attacks in 2025, targeting organizations whose ideologies conflict with theirs. These groups continue to focus on diplomatic information, military technology, and their supply chains. Trend Micro advises that organizations must proactively establish robust defenses, understand their role in the supply chain, and implement proactive risk management strategies to protect critical infrastructure and information.
Embracing AI transformation and looking ahead to enterprise security strategies in 2025
In 2025, AI will exacerbate traditional attacks: generating more realistic fake news and more customized phishing to strengthen APT attacks, generating malicious code to spread malicious programs, or targeting AI platforms/tools to launch ransomware attacks; at the same time, it will foster new attack methods: exploiting AI illusions to attack, using AI agents or AI vulnerabilities to cause data leaks, and engaging in unauthorized malicious activities, making cybercrime more difficult to prevent.
Trend Micro Senior Technical Consultant Jian Shengcai stated, "To address the increasingly complex attack surface, centralized asset management, holistic risk assessment, and enhanced security protection within AI-integrated environments (particularly in input validation, response validation, and AI action monitoring) will be three key areas for enterprises to prioritize in future security strategy planning. Furthermore, enterprises can leverage AI as a powerful tool for security protection, applying it to threat analysis, asset management, attack prediction, and remediation guidance. This will help enhance defenses and enable immediate responses to both new and existing AI-generated threats."
