Trend Micro Incorporated (TYO: 4704; TSE: 4704), a renowned global leader in cybersecurity, has issued a warning about the rise of hyper-personalized, AI-powered attacks. These advanced threats, expected to emerge in 2025, could amplify scams, phishing, and influence operations on an unprecedented scale.
To explore Trend Micro’s cybersecurity predictions for 2025, titled The Easy Way In/Out: Securing The Artificial Future, visit their official report: Trend Micro Predictions for 2025.
The Role of Generative AI in Cybersecurity Threats
Sharda Tickoo, Country Manager for India and SAARC at Trend Micro, stated, “As generative AI becomes increasingly ingrained in businesses and societies, we must remain vigilant against emerging threats. Hyper-personalized attacks and agent AI subversion demand a collective industry effort for mitigation.”
Tickoo further emphasized the evolving nature of cyber risk, highlighting that all security risk now equates to business risk, potentially disrupting future strategies if not addressed.
Emerging Threats: Malicious Digital Twins
According to the report, malicious digital twins are a significant upcoming threat. These digital entities could be created using breached/leaked personal information (PII) to train large language models (LLMs). These models would mimic a target’s knowledge, personality, and communication style. When paired with deepfake video/audio and compromised biometric data, these malicious tools could facilitate identity fraud and social engineering attacks, including “honeytrapping” victims.
Key Uses of Deepfake Technology in Cybercrime
Deepfake technology, combined with AI, may also be used to execute large-scale hyper-personalized attacks, such as:
- Enhancing business email compromise (BEC) and fake employee scams.
- Targeting victims for pig butchering scams.
- Using LLMs to filter personalities during conversations, making scams more convincing.
- Creating authentic-seeming social media personas to disseminate misinformation and scams.
- Gathering open-source intelligence for pre-attack preparation.
AI Adoption and Associated Risks
As more businesses adopt AI technology in 2025, additional risks will arise, including:
- Exploitation of vulnerabilities in AI agents to force unauthorized actions.
- Accidental information leakage through generative AI.
- Overconsumption of system resources, leading to denial of service attacks.
Non-AI Threats to Watch in 2025
Beyond AI-related threats, Trend Micro’s 2025 predictions report identifies critical concerns, such as:
- Vulnerabilities
- Exploitation of memory management bugs and APIs.
- Escaping from containers.
- Use of older vulnerabilities like cross-site scripting (XSS) and SQL injection.
- A single vulnerability impacting connected systems like vehicle ECUs.
Ransomware Trends
Cybercriminals are refining ransomware techniques, including:
- Targeting systems without endpoint detection and response (EDR) tools, like cloud, IoT, and mobile devices.
- Using bring your own vulnerable driver (BYOVD) methods.
- Concealing malicious code within loaders to evade detection.
- Redirecting Windows subsystem execution to bypass EDR/AV systems.
These advanced tactics will result in faster attacks with fewer steps, making detection significantly harder.
Countermeasures Against Emerging Threats
To counter these challenges, Trend Micro recommends the following:
- Adopting a risk-based approach to cybersecurity to prioritize asset protection effectively.
- Leveraging AI tools for threat intelligence, attack path prediction, and remediation through centralized platforms.
- Updating user awareness training to address AI-driven cybercrime techniques.
- Securing AI by validating inputs and responses, implementing robust sandboxes, and preventing prompt injection attacks.
- Strengthening supply chain security by mitigating public-facing vulnerabilities and enhancing internal network defenses.
- Enabling end-to-end visibility for AI agents.
- Utilizing Attack Path Prediction to manage cloud threats proactively.
Add Comment