2025年网络安全预测报告

Foreword Thank you for your interest in this eBook. As a Google Cloud partner, we at [Partner company] are committedto providing you with the resources and insights you need to makeinformed decisions about your cloud journey. We believe that this eBook will provide valuable insights into thebenefits and capabilities of Google Cloud. [Partner company] isequipped to support you with [value proposition related to thereport]. If you have any questions or would like to discuss your specificrequirements, please do not hesitate tocontact us Sincerely,Wursta Learn more atwursta.com Table of Contents Maturing Security Operations in the Cloud11 Introduction3 Criticality Drives More Regulationsfor Cloud Providers11 Artificial Intelligence4 Attacker Use of AI4 More Interest in Web3 and Crypto Heists11 AI for IO4Next Phase of AI and Security5 Faster Exploitation and MoreVendors Targeted12 The Big Four6 Preparing for an Age ofPost-Quantum Cryptography12 Russia6China6Iran7North Korea7 EMEA Forecasts13 A Pivotal Year for Compliance13 Geopolitical Conflicts DriveThreat Activity14 Global Forecasts More Focus on Cloud Security14 PRC Actors Will Continue to DeployCustom Malware Ecosystems forEmbedded Systems8 JAPAC Forecasts15 North Korea Threat ActorsSetting Their Sights on JAPAC15 No End in Sight: Ransomwareand Multifaceted Extortion8 Chinese-Controlled Websites Posingas Local News Outlets Target GlobalAudiences with Pro-Beijing Content16 Post U.S. Election Activity9 Uncovering Operations From Years Past9 Cyber Criminals in Southeast AsiaContinue to Innovate16 The Rising Threat of Infostealer Malware:A Gateway to High-Impact Data Breaches9 Conclusion17 Rising Impact of CompromisedIdentities in Hybrid Environments10 Democratizing of Cyber CapabilitiesWill Continue To Lower Barriers toEntry for Less-Skilled and Newer Actors10 SPECIAL REPORT: MANDIANT M-TRENDS 2023Introduction When looking at the year ahead, we never make predictions.Instead, we look at the trends we are already seeing, and providerealistic forecasts of what we expect to see in the wide worldof cybersecurity. The Cybersecurity Forecast 2025 report is filled with forward-looking insights from Google Cloud security leaders, includingSunil Potti, VP/GM, Google Cloud Security, Sandra Joyce, VP ofGoogle Threat Intelligence at Google Cloud, Charles Carmakal,Mandiant CTO, Google Cloud, and Phil Venables, VP, TI Security &CISO, Google Cloud. The report also features insights from more than a dozenresearchers, analysts, responders and experts acrossnumerous Google Cloud security teams, including GoogleThreat Intelligence, Mandiant Consulting, Google SecurityOperations, Google Cloud’s Office of the CISO, and VirusTotal.These individuals are regularly on the frontlines, and know whatorganizations and security teams should be prioritizing next year. Technology advances, threats evolve, the cybersecuritylandscape changes, and defenders must adapt to it all if theywant to keep up. The Google Cloud Cybersecurity Forecast 2025report aims to help the cybersecurity industry frame its fightagainst cyber adversaries in 2025. ArtificialIntelligence Attacker Use of AI Next year we anticipate malicious actors will continue their rapid adoption ofAI-based tools to augment and assist their online operations across variousphases of the attack lifecycle. We will see continued use of AI and largelanguage models (LLMs) to develop and scale more convincing phishing,vishing, SMS, and other social engineering attacks. We expect to see cyberespionage and cyber crime actors continue to leverage deepfakes foridentity theft, fraud, and bypassing know-your-customer (KYC) securityrequirements. We expect to observe more evidence of malicious actorsexperimenting with LLMs and deepfake applications for other use cases,including vulnerability research, code development, and reconnaissance.Additionally, we anticipate more demand in underground forums for LLMsthat lack security guardrails, allowing threat actors to query for illicit topicswithout limit. As AI capabilities become more widely available throughout2025, enterprises will increasingly struggle to defend themselves againstthese more frequent and effective compromises. “2025 is the first yearwhere we’ll genuinely seethe second phase of AI inaction with security.” Sunil Potti. VP/GM,Google Cloud Security AI for IO Information Operations (IO) threat actors will increasingly leverage gen AItools to support their efforts. Deployment of AI capabilities has expandedbeyond early use of generative adversarial network (GAN)-created profilesto backstop inauthentic personas, and has shifted to include the use of largelanguage models (LLMs) to support content creation, and the manufacturingof seemingly genuine articles published to inauthentic websites. Thisis a significant force multiplier that increases the scale at which actorsengaged in this space can produce content, and create additional layers ofobfuscat