Google ventures an outlook on the IT security situation in 2025

Google looks into the crystal ball: an almost 20-page PDF provides assessments of the expected IT threat situation in 2025 from Google's cloud security heads. In addition to the management staff, IT researchers from the various IT security teams at Google and the Google subsidiary Mandiant also have their say.

According tothe associated blog post, Google is taking a conservative approach and extrapolating what can be expected from the trends currently observed. This is intended to provide a realistic outlook that organizations can use to prepare for what lies ahead in the coming year.

Outlook for 2025: few surprises

However, this also means that there is no surprising information. Google discusses that malicious actors will increasingly rely on AI for sophisticated phishing, vishing and social engineering. In addition, an increase in deepfake deployments for identity fraud and theft, fraud or to circumvent security measures is expected. Perpetrators will also use AI to optimize their strike rate: Scaling content generation, creating more compelling content, or enhancing inauthentic personalities.

The so-called "Big Four", namely China, Iran, North Korea and Russia, will remain active and continue to engage in espionage activities, commit cybercrime and pursue spying operations in connection with their geopolitical interests. Also partly state-directed: ransomware and multi-layered extortion remain the most disruptive forms of cybercrime, Google estimates, impacting various sectors and countries.

Malware in the Infostealer category remains a significant threat according to Google's assessment, enabling data leaks and account compromise. In addition, less talented threat actors will gain increased access to tools and services, which Google describes as the democratization of cyber capabilities.

Compromised identities in hybrid environments will therefore pose a significant risk. In addition, Web3 and cryptocurrency organizations are increasingly being targeted by attackers who want to steal digital assets. Also bad for IT security: Google expects a further reduction in the "time to exploit", i.e. the period between the discovery of a security vulnerability and its misuse by cyber criminals. Here, Google's analysts believe that there will be a further diversification of the targeted manufacturers.

Interested parties can download Google's paper on a separate website after providing details such as their email address and company telephone number.

On Tuesday of this week, the German Federal Office for Information Security (BSI) published a status report on cyber security. However, this was essentially a review. However, there were also indications as to what security measures should be taken as a consequence of the attacks observed.

(dmk)