Experts explore impact of artificial intelligence, global threat actor collaboration, supply chain vulnerabilities and more
- Artificial intelligence, including advanced sophistication of generative AI, to play an increased role in both cyberthreats and cyber defense.
- International collaboration between nation states and cybercrime groups to raise importance of global cybersecurity collaboration amongst like-minded nations.
- Supply chain vulnerabilities remain as individuals face new security threats from consumer products.
Key Insights Include:
- AI driving cybercrime | Mihoko Matsubara, Chief Cybersecurity Strategist, NTT Corporation
In 2025, the world will increasingly face cybercrime driven by AI, generative AI and deepfakes; actors who created ransomware with generative AI were arrested in China in November 2023 and Japan in May 2024. The world will see more ransomware, phishing attacks and business email compromise (BEC). VIPRE Security Group reported in July 2024 that 40% of their detected BEC messages were created by AI.
To counter growing AI-driven cyber threats, defenders must adopt AI-powered threat detection and response as well as cyber threat intelligence collection and analysis. Vectra AI found in 2023 that U.S. Security Operation Centers use 3.3 billion USD for manual triage. Without AI support, more defenders would suffer stress and burnout, which would only benefit attackers.
To fully take advantage of AI for cyber defense, organizations will have to seek a centralized platform to enable smooth workflow and analysis. Yet, organizations must also be mindful of overdependence on a single vendor and a widespread IT outage similar to the one by CrowdStrike in July 2024.
- Multinational attacks against like-minded nations | John Petrie, Counselor to the NTT Global CISO
From a nation state perspective, I think the continued cyberattacks by various nations (Russia, China, Iran, North Korea) against the defenses of like-minded nations (Japan, United States, Australia, United Kingdom, etc.) increase. In 2025, I believe China may instruct “Typhoon” assets to execute their offensive cyber operations against the West including Japan, United States, Europe, Australia, etc. in support of its strategic response to President Trump’s threat of tariffs. This may disrupt critical infrastructure (specifically IP, telecom, and control networks) where I believe that resiliency and redundancy capabilities will be extremely tested (and, in some areas, fail). The offenders can execute varying degrees of disruptive and potentially critical attacks from internal and external attack vectors.
- Supply chain attacks against weak links | David Beabout, Chief Information Security Officer, NTT Security Holdings
Supply chain attacks are anticipated to grow in frequency and impact. Threat actors are increasingly recognizing the cascading effects of targeting weak links within supply chains, as evidenced by incidents like the software update compromise at CrowdStrike earlier this year. Such attacks highlight the vulnerabilities within interconnected systems and the potential for massive downstream disruption across industries.
Organizations must prepare for these evolving threats by enhancing detection capabilities, reinforcing supply chain security and staying attuned to geopolitical risks.
- Collaboration between North Korean APT and Russian cybercrime groups | Taro Manabe, NTT Security Japan, Senior Manager, Professional Service Division
Shortly after the 2023 meeting between Kim Jong Un and Putin, our team observed a post on Telegram in the hacker community about a Russian hacker group in North Korea recruiting members to target banks. Reports suggest that personnel exchanges between Russian and North Korean hackers have already begun. While it is believed that various collaborations have taken place, few confirmed events have surfaced so far. We anticipate that more information will gradually come to light.
One potential collaboration involves the North Korean APT group “Jumpy Pisces,” which was linked to a Russian ransomware attack revealed in October 2024.
This cooperation may become even more active in 2025, especially in the field of cryptocurrency, in which North Korea appears to be generating significant profits through cyberattacks. Additionally, North Korean APT involvement in ransomware attacks, an area where Russian cybercriminals excel, may become even more prominent in the new year.
- Rise in consumer protection transparency and regulation | Itaru Kamiya, Senior Researcher, NTT-CERT
In 2025, threats to embedded products or services will continue to increase. If every product or service discloses to consumers how the products are produced, manufactured and delivered to consumers’ hands, consumers’ awareness about the risk of using certain products or services will increase. Consider: In many countries, food products are required to clearly indicate the names of their ingredients. And by ensuring that food items are sealed at the production site and then displayed in stores, it is guaranteed that there will be no tampering during the distribution process. I believe that a strategy for consumer electronic products and services similar to that used for food products will be required in the future.