2025网络安全与人工智能威胁态势报告 英文版 .docxVIP

REPORT

Cybersecurityand

theAIThreatLandscape

Keyinsights,emergingtactics,

andanticipatedchallengesfor2025

DELINEALABSREPORT

CybersecurityandtheAIThreatLandscape:

Keyinsights,emergingtactics,andanticipatedchallengesfor2025

ExecutiveSummary

In2024,thecybersecuritylandscapewasmarkedbyadramaticsurgeinthreats,drivenbysophisticatedtacticsandemergingtechnologies.Infostealermalwareledtosignificantbreaches,suchastheSnowflakeincident,compromisingsensitivepersonalandfinancialdata.AI-generatedphishingandsocialengineeringattacksbecamemoreprevalent,successfullyevadingtraditionaldefenses.

Non-HumanIdentities(NHIs)emergedascriticalassetsforautomatingworkflows,yetmostofthemwerenotrotatedwithinrecommendedtimeframes,leavingthemexposedtopotentialcompromise.Thefinancialsectorfacedawaveofdeepfakefraudattempts,underscoring

thegrowingmenaceofAI-assistedidentityfraud.Meanwhile,ActiveDirectoryremainedaprimetargetforransomwareattacks,causingwidespreadoperationaldisruptions.Multi-factorAuthentication(MFA)wasimplicatedinnearlyhalfofsecurityincidents,oftenduetomisconfigurationsandfraudulentpushnotifications.Ransomwareattacks,leveragingdoubleextortiontacticsandRansomware-as-a-Service(RaaS),targetedsectorsliketechnology,manufacturing,andconstruction,withadvanceddigitalinfrastructuresintheUS,UK,andIsraelbeingprimetargets.

Weanticipateanevenmorechallengingthreatlandscapein2025.AI-drivenransomwareanddeepfakeattacksareexpectedtobecomemorefrequentandsophisticated,amplifyingtherisktobusinessesandcriticalinfrastructure.Hyper-personalizedphishingcampaigns,fueledbyAI’sabilitytosynthesizevastamountsofpublicdata,willmakeitincreasinglydifficultforuserstodistinguishlegitimatecommunicationsfromthreats.Additionally,attackersarelikelytointensifytheirexploitationofnon-hu