How AI is becoming a weapon in the hands of Internet criminals

Trend Micro has unveiled its predictions for the top cyber threats and trends for 2025, focusing on the critical role that Artificial Intelligence (AI) plays in shaping the threat landscape.

With the cost of cybercrime expected to exceed $10 trillion, the increasingly sophisticated methods of perpetrators are creating unprecedented risks for both businesses and users. In fact, using AI, cybercriminals are expected to increase the scale, speed and accuracy of their attacks, creating challenges for even the most robust cybersecurity systems. Trend Micro stresses that proactive measures, strong security protocols and ongoing training are essential to counter evolving threats.

Within 2025, AI is expected to become the most dangerous "weapon" for cybercrime. "Social machine" attacks, such as deepfakes and training large language models (LLMs) on publicly available data, which allow perpetrators to mimic personal writing styles, will continue to dominate among common cybercriminal tactics. These technologies allow perpetrators to achieve highly convincing impersonations by exploiting unsuspecting users. As far as businesses are concerned, Business Email Compromise (BEC) tactics will pose a great risk to them.

In addition, semi-automated AI-based scams and Bypass-KYC-as-a-Service attacks powered by exposed biometric data and compromised Personally Identifiable Information (PII) will maintain their position as key tools for criminals. AI agents, increasingly used by organizations, can become malware targets, allowing attackers to manipulate or exploit certain systems for malicious actions. Additionally, AI tools will simplify phishing campaigns by tailoring attacks with hyper-personalised content, increasing their success rates.

At the same time, cybercriminal groups specializing in Ransomware attacks are changing tactics to exploit legitimate tools and applications, such as account hacking instead of traditional phishing. Enterprises should choose solutions that provide enhanced visibility and detection at multiple levels, ensuring that incidents with the potential to cause significant system damage can be dealt with as quickly as possible. The use of AI for analysis and automated responses will be critical as it can counter Ransomware attacks, effectively reducing the impact.

Focusing on the geopolitical aspect of cybersecurity, advanced persistent threat (APT) groups operating with the support of state actors are expected to intensify their operations, targeting diplomatic and military information, as well as cloud environments, supply chains and critical infrastructure. Groups such as Lazarus, Turla and APT29 will continue to exploit vulnerabilities for espionage purposes, given that the geopolitical tensions of the time are helping to fuel such activity. The risk is high for both businesses and states themselves, which will certainly need to implement strong security measures, conduct detailed supply chain assessments and work with governments and private actors to effectively counter threats.

With regard to large-scale supply chain attacks, perpetrators will exploit AI to overcome language barriers, adapt to regional specificities and scale their campaigns globally. Businesses using AI-based systems need to address vulnerabilities, ensure compliance with new rules and shield their internal security framework.

At the same time, regulatory developments such as the EU NIS2 Directive and the Digital Resilience Regulation (DORA) will require enhanced cybersecurity measures across all sectors. Compliance with these standards will be vital to mitigate risks associated with public-facing servers, cloud and remote working infrastructures.

Clearly, then, AI is leading the way in Trend Micro's 2025 predictions. The cybersecurity giant recommends that businesses leverage the benefits of AI to defend against threats based on the very same technology. By investing in strong security measures, staff training and staying up-to-date on technological developments, organisations can navigate the complexities of the evolving threat landscape and effectively protect their digital assets.