According to a report by Data Security Council of India (DSCI) and Seqrite, artificial intelligence (AI)-driven and deepfake-enabled cyberattacks are anticipated to become increasingly prevalent in 2025 with sectors like healthcare and finance most prone targets.
The report mentioned that deepfake technology will create compelling malicious content, including fake video or audio messages from trusted sources. This will facilitate more effective social engineering attacks, making it easier for cybercriminals to deceive users into executing malware or revealing sensitive information. Moreover, the integration of AI capabilities with vulnerabilities in supply chains will lead to new types of cyber threats.
As per the report, cybercriminals will employ AI-driven methods to execute intricate attacks, taking advantage of compromised development resources and hardware manufacturing processes to insert malicious code through corrupted libraries and embedded hardware. As AI tools become more accessible, attackers can automate and scale their operations, making it easier to target a wider range of victims. This trend will likely lead to a surge in ransomware attacks, where malicious actors demand payment for the restoration of compromised data.
It added that the rise of internet devices will open new avenues for cybercriminals to develop large-scale botnets. Vulnerabilities in poorly secured devices will be exploited to carry out distributed denial-of-service (DDoS) attacks, which could disrupt essential services in industries such as manufacturing and healthcare that depend on edge computing.
Furthermore, the convergence of fake government service applications and fraudulent investment platforms will create hybrid threats in 2025. Cybercriminals will create advanced applications that mimic government benefit systems and investment services, using social engineering, influencer marketing, and sophisticated malware to carry out widespread financial fraud and identity theft, targeting public welfare recipients and retail investors alike. Additionally, it mentioned that the rise of cryptocurrency mining will invite a surge in cryptojacking attacks, where malware hijacks computing resources to mine cryptocurrencies without the user’s knowledge.
The report highlighted that the changing threat landscape of 2025 requires chief information security officers to fundamentally rethink their cybersecurity strategies. The traditional security models are becoming ineffective against emerging quantum threats and AI-driven attacks. It recommended embracing AI and machine learning for threat detection and response. The report advocated for a focus on not just prevention, but cyber resilience, as the need of the hour.
