What we need to look out for in 2025

by Mark Rowe

Mike Gillespie of the information security consultancy Advent IM offers us his latest thoughts, on evolving IT security threats.

The IT security landscape is constantly evolving, and the next five years will likely see a mix of emerging threats, enhanced attack techniques, and new vulnerabilities. The year 2024 saw the introduction of several vulnerabilities, including Google Chromium V8, Apache Pulsar and Citrix NetScaler ADC, to name a few. Additionally, in 2024 we saw an increase in the use of Quishing (or QR Code Phishing) and generative AI-powered phishing, where threat actors use AI to craft more convincing emails, often tailored to the audience by monitoring their online presence. So, what do we need to look out for in 2025?

Over the past 12 months, UK consumers lost an estimated £11.4 billion to various scams, including phishing, according to CIFAS. This marks a notable rise compared to the previous year, with victims losing an average of £1,400 each. Despite increased public awareness, scams like fraudulent delivery notifications and online investment schemes remain prevalent, frequently targeting individuals through email, text messages, and social media.

The money stolen through scams has a devastating ripple effect on society, directly fuelling criminal enterprises such as illegal arms trade, drug and human trafficking, and extensive money laundering networks. In some cases, these funds are even channelled to support terrorism, amplifying global threats. Beyond these criminal activities, the economic fall-out impacts legitimate businesses, which face skyrocketing operational costs to recover from data breaches, rebuild their reputations, and bolster security measures to prevent future incidents.

Money stolen through scams is increasingly reinvested to enhance and develop sophisticated cybercrime tools. Criminal networks use these funds to acquire advanced technologies such as phishing kits, ransomware-as-a-service, and state-of-the-art hacking tools, continuously evolving their tactics to outpace security measures. This relentless innovation places immense pressure on IT security teams, which must constantly adapt to counter threats from criminals who are perpetually one step ahead. The cycle of reinvestment not only escalates the scale and complexity of cyberattacks but also exacerbates vulnerabilities across digital infrastructures, creating an ongoing challenge for organisations and society as a whole.

Growing threat

To address the growing threat of phishing, scams, and hacking, organisations must adopt a comprehensive and proactive approach. A robust strategy includes implementing employee awareness and training programs to educate staff on recognising and responding to threats effectively. In addition, deploying technical safeguards such as multi-factor authentication (MFA), advanced email filtering, and endpoint protection can significantly reduce the risk of successful attacks.

Organisations should also focus on threat intelligence sharing, collaborating with industry peers and cybersecurity networks to stay ahead of emerging threats. Policy enforcement plays a critical role, ensuring employees follow best practices such as using approved tools and adhering to access controls. Regular software updates and patching are essential to close vulnerabilities that phishing campaigns often exploit.

AI blurs the line

Finally, partnering with cybersecurity experts helps strengthen defence through expert audits, threat monitoring, and response planning. These combined measures not only mitigate risks but also build a resilient security framework to protect against evolving cyber threats.

As artificial intelligence blurs the line between human and machine attackers, and quantum computing threatens to unravel encryption standards, the challenges facing our IT Security teams in the coming years will be unlike anything we’ve seen before. Meanwhile, escalating geopolitical tensions are propelling us into a new era of warfare, where state-sponsored cyberattacks have become the weapon of choice for disruption, espionage, and dominance. Security teams will need to safeguard against politically motivated cyber threats that can target critical infrastructure, intellectual property, and sensitive national data while also considering the increase of supply chain attacks and the real-world impact when you face the prospect of not being able to do business.

More

See also Mike’s firm’s podcasts – https://www.advent-im.co.uk/content/podcasts/. See also the Advent IM blog, for example recently on the announcement that the Ministry of Defence was hit by a cyberattack.
