Means, Motives & Opportunities

Uploaded on 2024-12-27 in TECHNOLOGY--Resilience, FREE TO VIEW

What cyber risks can your organization expect in 2025? We'll explore the factors that drive cyberattacks and the threats they will create in the new year.

You are probably familiar with the "means, motive, opportunity" triad from crime shows or courtroom dramas. In cyberattacks, the "means" are the tools at attackers' disposal.

Means

In 2025, hackers will continue to use proven methods like phishing, ransomware, and password cracking, but these will evolve. Generative AI and Large Language Models (LLMs) will make phishing emails more convincing, while deepfakes will aid in creating realistic voice and video scams. AI will also mutate malware code, evading signature-based detection.

Advances in computing hardware will make password cracking faster and easier. 

Cybercriminals are also becoming more organized, dividing tasks among specialized groups - those handling initial access, malware deployment, or ransom collection - creating economies of scale.

Lastly, people remain key vulnerabilities. Social engineering exploits human errors, such as clicking malicious links or falling for scams, making individuals unwitting tools in attacks.

Motive

Attackers’ motives are usually financial or political. Financial motives will remain strong, with ransomware extortion expected to reach record levels in 2025. Political motives include destabilizing societies, spreading disinformation, or undermining governments through fake media.

King Louis the Fourteenth of France famously had the phrase ultima ration regum cast on cannons - "the last resort of kings". Military goals are ultimately the outcome of political goals. For instance, a cyberattack could be launched on satellite communication systems to blind enemy forces. It has happened before and is very likely to happen again in the future.

Opportunity

Opportunities are external factors attackers exploit to advance their goals. Every organization presents a potential opportunity, but those with valuable assets, known vulnerabilities, or weaker defenses are especially attractive.

As a rule of thumb, crises and uncertainty create opportunities for cyberattacks. In 2025, geopolitical tensions, such as the Russian invasion of Ukraine, Chinese expansionism, the Syrian government's collapse, and a leadership change in the country which simultaneously has the world's biggest economy and the world's most powerful armed forces, will provide fertile ground.

In the same vein, pandemics also indirectly heighten cyber risk. A new outbreak would create a polycrisis that attackers would exploit.

The Predictions

Given these factors, the following threats will likely dominate in 2025:

1. Top Attack Types 
Ransomware, Data Leaks, and DDoS Attacks will remain the top threats, with attackers leveraging zero-day vulnerabilities and compromised credentials to gain system access.

2.  Physical Systems Under Attack
Cyberattacks affecting physical infrastructure will increase due to their high return on investment for attackers. Defense and other critical infrastructure sectors like power, water, and telcos will be prime targets.

3.  Fused Financial & Political Goals
Financial and political motives will get more mixed. North Korea will continue funding its political ambitions through financially motivated cyberattacks. Russia is expected to expand its use of cybercriminal gangs, blending criminal and state-sponsored activities to obscure its involvement.

4.  Disinformation
Ongoing political tensions and likely political disruptions will be accompanied by a crescendo of disinformation, as nation-state attackers will try to sow discord and position themselves favorably in the public's perception.

5.    Exploitation of Crises
Major crises will fuel phishing campaigns and other attacks. From potential disease outbreaks like mPox or avian flu, to wars, coups, and infrastructure failures, attackers will exploit public uncertainty and fear.

What You Should Do

In 2025, means, motives and opportunities will lead to an increase in cyber attacks, increasing cyber risk for organizations. But that does not mean that your organization is helpless.

To understand how you can mitigate those risks, find a partner with deep expertise in cybersecurity and a broad set of solutions that can engage in a conversation with you about your cybersecurity needs. 

Kurt Thomas is Senior System Engineer at Fortra 

Image: 

You Might Also Read: 

Understanding The Threat Of QR Codes & Quishing:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Cybersecurity Measures To Enhance Data Security In 2025
Cybersecurity: What Can We Expect In 2025? »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

RedTeam Security

RedTeam Security

RedTeam Security is a provider of Penetration Testing, Social Engineering, Red Teaming and Red Team Training services.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

CUIng.org

CUIng.org

The CUIng initiative was launched to tackle the problem of criminal exploitation of information hiding techniques.

NRD Cyber Security

NRD Cyber Security

NRD Cyber Security create a secure digital environment for countries, governments, and organisations and implement cybersecurity resilience enhancement projects around the world.

Secure-NOK

Secure-NOK

Secure-NOK provides products and solutions that detect and remove security attacks and harmful events in industrial networks and control systems.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

RazorSecure

RazorSecure

RazorSecure offers products and services to enhance railway cyber security, by protecting and monitoring networks and key systems.

Tessian

Tessian

Tessian (formerly CheckRecipient) is a next-generation email security platform that helps enterprises counteract human error and significantly reduce the risk of data loss.

NJVC

NJVC

NJVC delivers IT automation, optimization and security to empower mission-enabling IT for customers with secure requirements.

Global Resources

Global Resources

Global Resources' planning and management capabilities support city, regional, and national utility and infrastructure management, and information systems and cyber security service delivery.

gener8tor

gener8tor

The gener8tor Cybersecurity Accelerator offers a cutting-edge program in San Antonio, home to the second-largest concentration of cybersecurity experts in the United States.

Avrem Technologies

Avrem Technologies

Avrem Technologies is a business IT and cybersecurity consulting firm. We design, implement, manage and monitor the networks, servers, computers and software that our clients rely on each day.

Snare

Snare

Snare is a comprehensive set of event monitoring and analysis tools designed to address critical auditing and security requirements.

Emerge Digital

Emerge Digital

Emerge Digital is a technology and digital innovation business and Managed Services Provider providing solutions to SMEs.

Btech

Btech

Btech is the market leader in providing affordable managed IT security services for credit unions.

Sprinto

Sprinto

Ambitious tech companies all over the world trust Sprinto to power their security compliance programs and sprint through audits without breaking their stride.