Fortinet reveals the most worrying new trends in cybersecurity.
When physicist Niels Bohr observed the difficulty of predicting the future, cybercrime wasn’t yet a certainty alongside death and taxes. Today, in our interconnected world, it has become an unfortunate inevitability. FortiGuard Labs’ Threat Predictions for 2025 takes a bold step into this evolving territory, revealing the major new trends of the cybersecurity arms race, and key among them is easy access to specialised hacking skills offered commercially to anyone who might want to buy them.
“Among the top threats we’re expecting this year is increased specialisation and collaboration among bad actors, and attacks for hire with new, tailored cybercrime-as-a-service offerings,” says Glenn Maiden, director of threat intelligence operations, FortiGuard Labs, Australia and New Zealand, Fortinet.
“This means individuals or criminal groups looking to make money from cybercrime don’t have to be skilled hackers; they can, in the best tradition of outsourcing, hire someone to do the dirty work for them.”
These are processes that have occurred in the legitimate world since Scottish economist Adam Smith first proposed the division of labour as a route to improved productivity. The division of labour and specialisation is a serious worry when it’s applied to cybercrime, says Maiden, because nation states and organised criminal gangs can easily build a devastating attack from the components of dark web service offerings.
“When you have criminal groups like the Mafia or the Triads – groups known for their real-world illegal activities – cybercrime becomes quite attractive because it is a high-gain, low-risk racket compared to those traditional criminal activities.”
Maiden says FortiGuard Labs has tracked cybercrime-as-a-service ecosystems for some time and believes Australasia should up its defences.
“Countries like New Zealand and Australia are ripe for attack. Per capita wealth is relatively high, and we have had things like compulsory superannuation for some time. Combined with the mass migration to digital financial services, we are all able to be targeted by bad actors from across the globe.”
Australasia has already seen high-profile instances of cyber extortion and ransomware attacks on businesses and hospitals, highlighting the need for heightened defences.
The report notes that, just as in the legitimate world, increased specialisation accelerates performance, meaning threat actors can carry out targeted attacks quickly with precision. They’re also likely to be using more advanced tools, including, of course, artificial intelligence (AI).
“While there are a number of jailbroken AI tools, it isn’t difficult to get something like ChatGPT to write you a customised phishing email in perfect English,” notes Maiden. “If you ask ChatGPT to write a phishing email, it will refuse on ethical grounds. However, if you ask it to write an invoice to a specific person or business drawing on their publicly available information, it won’t hesitate to help.”
Such developments make hackers more effective because, at the simplest level, the easy giveaways of a dodgy email – bad spelling and grammar – are no longer present, he says.
“There’s also the possibility of, for example, AI-enabled spear phishing at scale becoming prevalent. AI can leverage grammar and personality from public information to construct a phishing lure. When you get the fake communications from the attacker it will become extremely difficult, if not impossible, to differentiate from a legitimate email.”
Maiden highlights “blending” as a key concept from the Threat Predictions for 2025 report. This refers to the combination of attack modes: real-world and cyber tactics, and human and machine intelligence.
“A prominent example is the Mossad pager attack targeting Hezbollah operatives. This wasn’t specifically a cyberattack, but a cyber-enabled attack of breathtaking sophistication and reach, demonstrating how the combination of physical and technological methods – in this case, by a state actor – can achieve devastating, real-world harm to humans.”
Asked how concerned New Zealand organisations should be about an evolving threat environment, Maiden says “very”.
“The attack surface is global, and threat actors can make a point through a Distributed-Denial-of-Service attack as easily in Auckland as they can in Kyiv, Moscow, or Tel Aviv. Wars like those in Ukraine and the Middle East, or even an event like the United States presidential election, inflame tensions locally. We’ve seen the protests in New Zealand and Australia, and the DNA of malware related to those events quickly shows up locally,” he explains. “It is right on your doorstep.”
While the Threat Predictions for 2025 report may make for fascinating reading, Maiden emphasises the importance of focusing on security essentials. He notes that addressing the basics effectively can prevent or mitigate even the most advanced and sophisticated threats.
“With specialisation, cybercriminals for hire, and an ever-escalating threat environment, the best advice remains solid basics. You want to be prepared with a suitable defence architecture incorporating people, processes, and technology to proactively detect and rapidly repel any attack.
“When we are focused on the right things – not the bright and the shiny – we can make ourselves quite resistant to most attacks. A robust, layered defence must include trained security practitioners, proven process, appropriate technology, and a practised, flexible response plan.
“When the inevitable incident or breach occurs, a holistic layered defence strategy will make that incident go from a big problem to a minor nuisance.”