Top 20 Cybercrime Predictions for 2025

    With the volatile economic situation expected to continue into 2024, cyber scammers will be working harder to take advantage of people when they are more vulnerable. Beinsure Media has collected the opinions of cybersecurity experts and presents a Cybercrime Predictions review.

    Cybercriminals love to exploit seasonal opportunities, and consumers are facing a perfect storm of rising prices in the middle of the busiest shopping season of the year, when scammers are particularly active (see How to Reduce the Impact of Cybercrime?).

    Many of these cyber scammers will trick their victims into giving up their personal information and their hard-earned money for products, services or “lottery winnings” that never arrive.

    Reported ransomware incidents and their severity have skyrocketed in recent years, with monetary estimates of global cyberattack losses at around $1.3 trln. The types of attacks and targeted sectors have also evolved.

    Cybercrime Predictions for 2024

    The global annual cost of cyber crime is predicted to top $10 trln, according to a recent Cybersecurity Ventures report. This seemingly enormous figure might still be a major underestimate.

    In 2024, U.S. financial institutions lost nearly $1.2 bn in costs due to ransomware attacks alone. That was a nearly 200% increase over the previous year. If we continue at that rate, next year could see global costs approaching $16 trln.

    Scams are always harder to detect during the holiday season because consumers expect deep discounts and may believe prices that would normally seem too good to be true.

    According to Roundy, prevailing inflation and other unfavourable macroeconomic factors are likely to make people hungrier for good deals, putting them more at risk of scams than in previous years.

    Global cybercrime predictions for 2025

    • Global cybercrime damage predicted to hit $125 trln annually by 2025
    • Global cybersecurity spending will exceed $1.9 trln cumulatively
    • Global ransomware damage costs are predicted to exceed $275 bn by 2031
    • World will need to cyber protect 210 zettabytes of data by 2025
    • Cyberinsurance market is predicted to hit $18 bn annually by 2025
    • Cryptocrime is predicted to cost the world $35 bn annually by 2025
    • Women are predicted to hold 30% of cybersecurity positions globally by 2025
    • More than 90% of the human population, aged 6 years and older, will be online by 2030
    • World will need to secure 400 bn lines of new software code in 2025

    Cyber risks are considered a top global risk for the financial sector and the economy as a whole (see New Cyber Risk & Ransomware Trends). The types of ICT risks to which undertakings are exposed have not changed in the past years; however, the frequency of incidents and the magnitude of their impact on financial entities have increased.

    The frequency and severity of cyberattacks are ever increasing. Data breaches to steal personal information occur daily, but only the largest make the news. 

    While inflation is not directly related to the number of incidents, it does impact company budget decisions. In response, some of the biggest tech brands are reducing headcounts and implementing hiring freezes.

    Meanwhile, security teams have been stretched thin for years. If security budgets don’t rise with inflation, security leaders will have even less buying power to implement strong security and capable teams.

    Scammers will prey on vulnerable consumers

    Norton expects a rise in financial-based scams, such as fake government assistance programs designed to steal personally identifiable information; shopping deal scams that steal personal information or fail to deliver the order; and romance scams asking emotionally vulnerable consumers for money or gift cards (see Ransomware Insurance and Cyber Risk Landscape).

    Scammers continually evolve their tactics to exploit new vulnerabilities, adapting to changing technologies, economic conditions, and consumer behaviors. As systems and technologies advance, scammers find innovative ways to exploit their weaknesses.

    With more activities moving online, including shopping, banking, and social interactions, there’s a larger attack surface for scammers. People unfamiliar with digital safety measures are especially at risk.

    Older adults, who may be less familiar with digital technology and online scams, are often targeted. Scammers exploit their lack of digital literacy and sometimes their isolation.

    As data breaches become more common, scammers gain access to personal information, which they can use to target individuals in more sophisticated and personalized scams.

    This prediction underscores the need for continuous education on cybersecurity, fraud awareness, and the development of robust systems to protect consumers, especially those who are considered most vulnerable.

    Short-staffed companies will be more open to vulnerabilities

    Operating with smaller staff, short-staffed companies will experience a jump in data breaches and ransomware attacks. Hackers now use “triple extortion” techniques, and ransomware-as-a-service has lowered entry barriers to rogue actors (see Embedding Cyber Risk in Risk Management).

    Small and medium-sized enterprises (SMEs) with little defence capacity have become easy targets for cyber criminals, while digitalisation of industries, including the healthcare and critical infrastructure sectors, has increased vulnerabilities across entire supply chains.

    When a company is short-staffed, there are fewer employees to monitor and manage various aspects of the business.

    This can lead to lapses in overseeing critical processes, including security protocols, which can increase the risk of vulnerabilities being exploited.

    Existing staff members may be overwhelmed with additional responsibilities, leading to burnout or errors. In the context of cybersecurity, this might mean that security checks are not conducted as rigorously or frequently, potentially leaving systems more susceptible to attacks.

    Companies facing staffing shortages often have to prioritize immediate operational needs over other important aspects like employee training.

    This issue results in insufficient cybersecurity training for employees, raising the likelihood of successful phishing attacks and other breaches due to human error.

    Maintaining updated software and systems is vital for security, but it demands time and resources. Understaffed IT departments may find it challenging to keep up with required updates and patches, leaving systems exposed to known vulnerabilities.

    Companies might use outsourced services to address these gaps. Although helpful, these third-party services can introduce new risks if they don’t follow strict security standards.

    Advances in AI will make scamming easier

    Norton said scammers will increasingly wield AI in their crimes as this technology becomes even more accessible and easier to use. As language and video AI models advance, scammers can imitate real people in real time with deepfakes to trick people into giving over their financial and personal information.

    In the last two years, first-party claims have become dominant, with ransomware incidents from organised crime shifting damages to core business.

    Firms, insurers and public authorities have redoubled risk management efforts, and industry associations and insurers have worked together to address the related issue of “silent cyber” by clarifying the scope of traditional policies.

    Sophisticated Cyber Attacks. There will be more effective cyber attacks than ever, with bad actors leveraging Generative AI (GenAI) tools to find vulnerabilities in critical sectors. The use of AI for cyber defense will become essential for enterprises.

    Anticipate more breaches

    Cybercriminals are finding ways to breach standard multi-factor authentication technologies. Companies that continue to use weak two-factor authentication practices will leave themselves and their customers open to serious data breaches, which can lead to mass leaks of consumer information.

    Norton expects to see more data breaches, making it even more critical for individuals to continue using unique, complex passwords across their accounts.

    In 2021, the Russia-based REvil Ransomware-as-a-Service group was responsible for nearly 18,000 attack attempts in the U.S. alone. Members of the group were also behind the Colonial Pipeline attack.

    The cyber gang claimed to rake in annual revenues of over $100 million. Some might forget it was the Russian government that eventually took down REvil. Reportedly, the takedown was part of a rare collaborative effort between the United States and Russia.

    Blockchain and Cryptocurrency Cyber Attacks

    Blockchain and cryptocurrency cyber attacks refer to various malicious activities targeting the technology underpinning cryptocurrencies and the blockchain systems themselves.

    These attacks can take various forms:

    1. 51% Attacks: This occurs when a single entity gains control of more than 50% of the network’s mining power. In blockchains using Proof of Work, this can enable the attacker to exclude or modify the ordering of transactions. They can also reverse transactions they made while in control, leading to double-spending.
    2. Phishing Attacks: Similar to traditional phishing, this involves tricking individuals into revealing their private keys or security credentials. This is often done through fake websites or fraudulent emails.
    3. Sybil Attacks: In this attack, the network is overwhelmed with nodes controlled by the attacker, making it difficult for the network to operate effectively. It’s more of a disruption than a method for stealing funds.
    4. Routing Attacks: Here, the attacker intercepts data between the blockchain network and the rest of the internet. This can lead to delays in block delivery or transaction censorship.
    5. Code Exploits and Smart Contract Vulnerabilities: Since blockchains and cryptocurrencies rely heavily on code, any vulnerabilities in this code can be exploited. This is particularly relevant for smart contracts, which, if poorly written, can contain loopholes that hackers can exploit.
    6. Wallet Theft: Attacking individual cryptocurrency wallets, either by obtaining access to the private keys or hacking the wallet service providers, is another common attack method.
    7. Exchange Hacks: Cryptocurrency exchanges have been frequent targets due to the large amount of funds they hold. Attackers often try to breach an exchange’s security to steal cryptocurrencies.
    8. DeFi Exploits: Decentralized finance (DeFi) platforms, built on blockchain technology, have become a prime target due to their experimental nature and the significant amount of funds they handle.
    9. Man-in-the-Middle Attacks: These occur when an attacker intercepts communications between two parties (like a user and a cryptocurrency service) to steal data or funds.
    10. Pump and Dump Schemes: While not a direct attack on blockchain technology, these schemes involve artificially inflating the price of a cryptocurrency for profit, which can be seen as a type of financial attack.

    The decentralized and often anonymous nature of blockchains and cryptocurrencies makes them attractive targets for cybercriminals. However, it’s also worth noting that the underlying blockchain technology is typically very secure, and many vulnerabilities arise from user error, poor security practices, or the experimental nature of some blockchain applications.

    Global cybercrime damage predicted to hit $11 trln annually

    Global cybercrime damage predicted to hit $10.5 trln annually by 2025

    Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year over the next three years, reaching $10.5 trillion USD annually by 2025.

    This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.

    Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

    Global cybersecurity spending will exceed $1.8 trln

    The imperative to protect increasingly digitized businesses, Internet of Things (IoT) devices, and consumers from cybercrime will propel global spending on cybersecurity products and services to $1.8 trillion cumulatively for the five-year period from 2021 to 2025, according to Cybersecurity Ventures.

    In 2004, the global cybersecurity market was worth just $3.5 billion and now it’s one of the largest and fastest-growing sectors in the information economy.

    World will have 3.5 mn unfilled cybersecurity jobs

    World will have 3.5 mn unfilled cybersecurity jobs in 2024

    Every IT position is also a cybersecurity position now. Every IT worker, every technology worker, needs to be involved with protecting and defending apps, data, devices, infrastructure and people.

    There will be 3.5 mn unfilled cybersecurity jobs globally — enough to fill 50 NFL stadiums — according to Cybersecurity Ventures.

    This is up from Cisco’s previous estimation of 1 million cybersecurity openings in 2014. Surging cybercrime will result in a similarly large number of unfilled positions over the next 5 years.

    As of 2024, the cybersecurity sector is facing a significant talent shortage, with millions of positions around the world remaining unfilled.

    A study by ISC reported that over 3.1 mn cybersecurity positions were unfilled globally. This staggering number underscores the extensive need for skilled professionals in this field across the world.

    Global cybersecurity job vacancies experienced a substantial increase of 400% from 2013 to 2024, rising from 1 mn openings to 3.5 mn. This trend highlights the growing demand for cybersecurity professionals in the face of escalating cyber threats.

    Despite the cybersecurity workforce reaching 4.7 million people, there remains a need for more than 3.4 million additional professionals, a 26% increase from 2021. This growth has not met the rising demand.

    In the United States alone, over 750,000 cybersecurity positions were unfilled in 2024, highlighting a significant part of the global talent gap in the U.S.

    The data reveals an ongoing challenge in cybersecurity: a need for a much larger workforce to tackle the complexities of evolving cyber threats. This situation offers significant opportunities for individuals aiming to enter or advance in the cybersecurity field.

    Global ransomware damage costs are predicted to exceed $270

    Global ransomware damage costs are predicted to exceed $265 bn by 2031

    Ransomware attacks will grow and evolve, using sophisticated phishing and social media tactics to compromise identity management systems.

    Global ransomware damage costs were predicted to reach $25 billion annually in 2024, up from $325 million in 2015, which is a 57X increase. In a decade from now, the costs will exceed $270 billion.

    Cybersecurity Ventures predicted that a business fell victim to a ransomware attack every 11 seconds in 2023, up from every 14 seconds in 2019. This makes ransomware the fastest-growing type of cybercrime.

    The frequency of ransomware attacks on governments, businesses, consumers, and devices will continue to rise over the next 5 years and reach every two seconds by 2031.

    World will need to cyber protect 210 zettabytes of data

    Total global data storage is projected to exceed 210 zettabytes by 2025. This includes data stored on private and public IT infrastructures, on utility infrastructures, on private and public cloud data centers, on personal computing devices — PCs, laptops, tablets, and smartphones — and on IoT (Internet-of-Things) devices.

    Cybersecurity Ventures predicts that the total amount of data stored in the cloud — which includes public clouds operated by vendors and social media companies, government-owned clouds that are accessible to citizens and businesses, private clouds owned by mid-to-large-sized corporations, and cloud storage providers — will reach 100 zettabytes by 2025, or 50% of the world’s data at that time, up from approximately 25% stored in the cloud in 2015.

    Cyberinsurance market is predicted to hit $18 bn annually

    The increasing rate of cyberinsurance adoption is expected to surge over the next decade, as the growing profile of large-scale cyberattacks — and the accompanying financial risk they impose — prompts company directors and executives to move to limit their company’s exposure to cybersecurity compromise.

    Cybersecurity Ventures predicts the cyberinsurance market will grow from approximately $8.5 billion in 2021 to $14.8 billion in 2025, and exceed $34 billion by 2031, based on a calculated CAGR (compound annual growth rate) of 15% over an 11-year period (2020 to 2031).

    Cryptocrime is predicted to cost the world $35 bn annually

    Rapid growth in the use of decentralized finance (DeFi) services is creating a new soft spot for global financial systems, fostering new methods of cryptocrime for cybercriminals whose “rug pulls” and other attacks will, Cybersecurity Ventures predicts, cost the world $30 billion in 2025 alone.

    That’s nearly twice the $18 bn — and expected to grow by 15% annually as the cryptocurrency market continues to expand, fueling cybercriminals’ increasing interest in pilfering cryptocurrency stores.

    Cybercriminals’ attention to crypto is manifesting in a range of ways, including direct exchange hacks and scams designed to trick people into handing over their cryptocurrency holdings for any number of false purposes.

    Women are predicted to hold 30% of cybersecurity positions globally

    Women are predicted to hold 30% of cybersecurity positions globally by 2025

    Women hold 25% of cybersecurity jobs globally in 2023, up from 20% in 2019, and around 10% in 2013. This upward trend indicates a positive shift in gender diversity within the cybersecurity workforce.

    The prediction is that by 2025, women will represent 30% of the global cybersecurity workforce, with a further increase to 35% by 2031.

    This goes beyond securing corporate networks and includes IoT, IIoT and ICS security, and cybersecurity for medical, automotive, aviation, military defense, and other.

    The gender gap becomes a chasm when we consider the top roles in cybersecurity. For example, women hold only 17% of chief information security officer (CISO) roles at Fortune 500 companies.

    Despite these improvements, women are still underrepresented in higher-level positions. For instance, women held only 17% of chief information security officer (CISO) roles at Fortune 500 companies, which translates to just 85 of 500 available CISO positions. This indicates a significant gender gap in leadership roles within the cybersecurity sector.

    To address the gender disparity and the overall talent shortage in cybersecurity, initiatives are underway to encourage more women to join the field.

    CISA recruits for various positions in cybersecurity and related fields. Emphasis is on STEM education and hands-on activities to prepare the future workforce.

    Programs like the National Centers of Academic Excellence and CyberCorps: Scholarship for Service aim to prepare the next generation of cybersecurity professionals. They highlight the importance of early engagement and education in closing the gender gap and filling open cybersecurity jobs.

    These statistics and initiatives demonstrate efforts to increase female participation in cybersecurity, recognizing the progress made and the challenges that remain in achieving gender parity in this critical field.

    More than 90% of the human population will be online

    Roughly one million more people join the internet every day. We expect there will be 6 bn people connected to the internet interacting with data in 2024, up from 5 bn in 2020 — and more than 7.5 bn internet users in 2030.

    There were reportedly 5.16 bn internet users worldwide as of 2024, constituting 67% of the global population.

    The number of internet users globally was expected to grow to 6.2 bn by the end of 2024, with the compound annual growth rate for the period from 2018 to 2023 being 6%.

    This statistic indicates a significant and growing proportion of the world’s population is actively using the internet, according to Statista.

    The number of internet users is expected to reach 6.54 bn by 2025. The countries with the highest number of internet users are China, India, and the United States, reflecting the global spread of internet connectivity.

    The growth in internet users is driven by factors such as the increased affordability of devices, improved infrastructure, and innovative services. This underscores the growing integration of the internet into everyday life across diverse regions.

    World will need to secure 400 bn lines of new software code

    We estimate the world will need to secure 338 bn lines of new software code in 2025, up from 111 bn lines of new code in 2017, based on 15% year-over-year growth in new code.

    This little-known statistic has been one of the most important for CISOs and security leaders to take note of over the past 5 years.

    Organizations globally have a major application testing and scanning chore on their hands which has been created (in part) by self-taught and renegade programmers who’ve generated a massive amount of insecure code.

    Increase in digital supply chain attacks

    With the rapid modernization and digitization of supply chains come new security risks. Gartner predicts that by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains—this is a three-fold increase from 2024.

    Previously, these types of attacks weren’t even likely to happen because supply chains weren’t connected to the internet. But now that they are, supply chains need to be secured properly.

    The introduction of new technology around software supply chains means there are likely security holes that have yet to be identified, but are essential to uncover in order to protect organizations in 2024.

    If you’ve introduced new software supply chains to your technology stack, or plan to do so sometime in the next year, then you must integrate updated cybersecurity configurations. Employ people and processes that have experience with digital supply chains to ensure that security measures are implemented correctly.

    Mobile-specific cyber threats are on the rise

    It should come as no surprise that with the increased use of smartphones in the workplace, mobile devices are becoming a greater target for cyber-attack. In fact, cyber-crimes involving mobile devices have increased by 22% in the last year, according to the Verizon Mobile Security Index (MSI), with no signs of slowing down in advance of the new year.

    As hackers home in on mobile devices, SMS-based authentication has inevitably become less secure. Even the seemingly most secure companies can be vulnerable to mobile device hacks.

    Case in point: several major companies, including Uber and Okta, were impacted by security breaches involving one-time passcodes in the past year alone.

    This calls for moving away from SMS-based authentication toward more secure multifactor authentication (MFA). This could include an authenticator app that uses time-sensitive tokens, or more direct authenticators that are hardware or device-based.

    Double down on cloud security

    As more companies opt for cloud-based activities, cloud security—any technology, policy, or service that protects information stored in the cloud—should be a top priority in 2024 and beyond.

    Cyber criminals become more sophisticated and evolve their tactics as technologies evolve, which means cloud security is essential as you rely on it more frequently in your organization.

    The most reliable safeguard against cloud-based cybercrime is a zero trust philosophy. The main principle behind zero trust is to automatically verify everything—and essentially not trust anyone without some type of authorization or inspection. This security measure is critical when it comes to protecting data and infrastructure stored in the cloud from threats.

    Ransomware-as-a-Service is here to stay

    Ransomware attacks continue to increase at an alarming rate. Data from Verizon showed a 13% increase in ransomware breaches year-over-year. Ransomware attacks have also become increasingly targeted — sectors such as healthcare and food and agriculture are just the latest industries to be victims, according to the FBI.

    Ransomware has plagued businesses, governments, individuals and organizations in nearly every sector.

    Now it’s easier than ever for threat actors to access powerful ransomware tools. Even with modest technical skills, criminals can launch attacks that can cost companies millions.

    Ransomware and other malware can be purchased for as little as $66. You can even get a phishing kit for free on underground forums. Meanwhile, the global average cost of a data breach is $4.35 million. And the majority of targets are already victims of repeat attacks (83% have had more than one breach, as per IBM Cost of a Data Breach report). Since accessing malware services and kits has never been easier, attack rates are bound to rise substantially.

    With the rise in ransomware threats comes the increased use of Ransomware-as-a-Service (RaaS).

    This growing phenomenon is when ransomware criminals lease out their infrastructure to other cybercriminals or groups. RaaS kits make it even easier for threat actors to deploy their attacks quickly and affordably, which is a dangerous combination to combat for anyone leading the cybersecurity protocols and procedures. To increase protection against threat actors who use RaaS, enlist the help of your end-users.

    Data privacy laws are getting stricter — get ready

    We can’t talk about cybersecurity in 2024 without mentioning data privacy laws. With new data privacy laws set to go into effect in several states over the next year, now is the time to assess your current procedures and systems to make sure they comply.

    New state-specific laws are just the beginning; companies would be wise to review their compliance as more states are likely to develop new privacy laws in the years to come.

    Data privacy laws often require changes to how companies store and process data, and implementing these new changes might open you up to additional risk if they are not implemented carefully. Ensure your organization adheres to proper cyber security protocols, including zero trust, as mentioned above.

    Cyberattacks are a real threat in today’s ever-evolving cyber risk landscape. The COVID-19 pandemic has forced almost all organizations to speed up their digital transformation priorities. It changed the way organizations learn from and deal with cyber risks.

    The surge in ransomware attacks drove loss ratios higher in 2024. Insurers responded by increasing prices, improving underwriting discipline, introducing sub-limits and coinsurance, clarifying terms and conditions, and excluding – or explicitly pricing for – cyber exposures in other property and liability policies.

    Using industry type to classify risks is a good way to start pricing cyber risk, but insurers also need to consider a company’s data volume, data value, number of endpoints to protect and vendors (see Global Cyber Insurance Claims).

    To protect against these threats, organizations will need to invest in robust security measures, stay up-to-date on the latest trends, and educate their employees about how to identify and avoid cyber attacks.

    In summary, the future of cybercrime is likely to be marked by continued growth in ransomware attacks, increased use of AI and ML by cybercriminals, an increase in IoT attacks, the deployment of 5G networks, a focus on supply chain attacks, and the emergence of new cybercrime tactics and technologies.

    These indicators all point towards a significant rise in cyberattacks and associated costs for 2024-2025. Efforts to stem the tide are underway from both the public and private sectors. Let’s hope the good guys soon gain the upper hand.

    AUTHOR: Oleg Parashchak – CEO Finance Media & Editor-in-Chief at Beinsure Media
