In 2024, the world witnessed unprecedented levels of cyberattacks driven by advancements in technology and increasing reliance on it. Here’s what experts have to say about 2025.
From ransomware attacks and AI-powered scams to critical security failures, a wave of cyber incidents made headlines, underscoring the need for stronger digital defenses.
According to a report by Prahar, a non-profit organisation, over 500 million cyberattacks were recorded in just the first quarter of 2024. Reports also show a 46 per cent increase in cyberattacks in the second quarter of 2024 compared to the same period the previous year.
According to Pankit Desai, CEO and co-founder of Sequretek, a global cybersecurity company, “2024 saw the cyber threat landscape widening beyond imagination. With the emergence of AI, Generative AI, and ML-enabled attacks, cybercriminals leveraged AI to automate and enhance their tactics making attacks more sophisticated and harder to detect.”
Pankit revealed that 2024 saw a rise in ransomware attacks where offenders targeted organisations globally, and extorted money by threatening to release sensitive data.
Data breaches were another common vulnerability and human behaviour was exploited with phishing attacks. “2024 saw the emergence of Gen AI deepfakes for influencing public opinion during elections too.
Technological shifts in AI, ML, and IoT (Internet of Things) reshaped attack-defence mechanisms. IoT saw an increase in threats due to insufficient security measures in connected devices.”
Here’s A Look At What Happened In The Year 2024:
January: Microsoft disclosed a data breach by Midnight Blizzard (Nobelium), a Russian-backed hacking group that used social engineering and tools like Microsoft Teams to trick victims into revealing login details.
In early 2024, WazirX, a leading Indian crypto exchange, faced a cyberattack targeting a ‘multi sig’ wallet managed by Liminal, resulting in a $230 million theft.
February: Change Healthcare, a US healthcare payment provider, fell victim to a ransomware attack. Meanwhile, US forces hacked an Iranian military spy ship aiding Houthi rebels targeting ships in the Red Sea.
On February 27, Burger Singh’s website was hacked and defaced by ‘Team Insane PK,’ a Pakistan-affiliated group, in response to a controversial promo code, ‘FPAK20.’ Instead of removing the graffiti immediately, Burger Singh left it up for a day, calling it an “open mic night for hackers.”
March: Dutch cybersecurity firm EclecticIQ uncovered a cyber-espionage campaign targeting Indian government agencies and the energy sector, using a tweaked version of “HackBrowserData” to steal browser credentials, cookies, and history.
Meanwhile, a US Department of Justice indictment revealed that Chinese hackers targeted EU members of the Inter-Parliamentary Alliance on China and Italian MPs, aiming to track their IP addresses and locations.
April: Ukraine’s military intelligence launched DDoS attacks on Russia’s United Russia party during its Victory Dictation event, making servers and websites inaccessible. United Russia admitted to facing a “massive” attack.
Meanwhile, the Pakistan-linked hacker group Transparent Tribe targeted India’s government, defense, and aerospace sectors, using phishing emails to infiltrate systems, with a focus on the Department of Defense Production.
“In 2024, our threat research teams noted a growing focus on security evasion. We observed a range of new and innovative phishing techniques appearing as well as highly sophisticated tactics such as the so-called ‘EDR killer’ designed to disable endpoint detection and response tools.
Additionally, remote working and the proliferation of Internet of Things (IoT) devices introduced new vulnerabilities, exacerbated by unpatched software and inadequate endpoint security measures.
The increased prevalence and use of generative AI continued to shape the threat landscape as an enabler for ever more advanced, adaptable and nuanced attacks,” said Parag Khurana, country manager for India at Barracuda Networks.
May: Chinese hackers breached Britain’s Ministry of Defense, exposing sensitive information, including names and bank details of armed forces members, except special forces, by targeting a third-party contractor. The UK stopped short of naming China as responsible.
On May 31, The Cyber Express reported a breach of Telangana police’s Hawk Eye app. Hacker “Adm1nFr1end” leaked data of 200,000 citizens, including personal information, emails, phone numbers, and locations, as flagged by Cyble Research’s dark web monitoring.
June: Germany’s opposition party, the Christian Democratic Union, faced a “serious” cyberattack before European Parliamentary elections, with details undisclosed by the interior ministry.
A threat actor (TA), using the alias “infamous,” claimed to have breached the National Disaster Management Authority (NDMA) of India and accessed the personal data of 93,000 volunteers.
The compromised data includes names, phone numbers, and other critical information. The hacker reportedly put this data up for sale on the dark web for $1,000.
Bharat Sanchar Nigam Limited (BSNL) suffered a major breach, with hacker ‘kiberphant0m’ leaking 278 GB of sensitive user data, including IMSI numbers, SIM details, and server snapshots.
July: A faulty CrowdStrike software update for Microsoft Windows caused a global IT outage, disrupting airlines and hospitals, affecting 8.5 million devices, and costing Fortune 500 companies $5.4 billion.
August: US government officials blamed Iranian hackers for breaking into Donald Trump’s presidential campaign. The hackers also attempted to break into the then Biden-Harris campaign, and later offered to share the stolen Trump campaign documents with that campaign, but were ignored.
September: Russian cyberspies targeted Mongolia’s Ministry of Foreign Affairs and Cabinet websites, planting malicious code to steal browser cookies.
The attackers used exploits similar to those sold by commercial surveillance vendors like NSO Group and Intellexa, though it’s unclear if these companies knowingly sold them to the Russian government.
October: Ukrainian hackers targeted Russia’s state media and court document system on Putin’s birthday, disrupting court filings, schedules, and streaming services for days.
Tamil Nadu police’s Facial Recognition Software portal was hacked using a Teams password, exposing over 6 million records, including photos, names, and police details, affecting 46,000 personnel statewide.
November: A total of 2,839 cyber incidents were reported worldwide from November 1 to 28, 2024, affecting diverse categories, industries, and regions.
DDoS attacks led the charts with 968 cases causing major disruptions, followed by 624 data breaches exposing sensitive information, and 555 ransomware incidents crippling businesses and public services.
Additionally, there were 306 cases of access sales fueling underground markets, 217 defacements targeting websites, and 169 data leaks causing reputational damage.
According to Paritosh Desai, chief product officer at IDfy, fear drove many scams in 2024. Fraudsters posing as law enforcement officers or cybercrime agents threatened victims with legal action unless they paid.
Another scam involved threats of phone service termination due to alleged illegal activities, pressuring victims to pay.
“UPI frauds also surged, with scammers showing fake transfer pictures and claiming overpayment, or sending SMS notifications to trick victims into sending money. Other tactics included deceptive UPI handles, phishing for PINs and OTPs, and fake QR codes to steal funds,” Paritosh said.
December: On 26 December 2024, Japan’s second-largest airline, Japan Airlines (JAL), fell victim to a massive cyberattack that affected services in both the international and domestic sectors. The attack impacted both external and internal systems.
Experts Reveal What To Expect In 2025
In 2025, experts anticipate a steep rise in AI-powered scams and fraud. Many of these experts believe that scammers may use advanced AI tools to create hyper-realistic videos, audio calls, and synthetic identities.
Moreover, these tools may lead to large-scale fraud operations that run much like organised businesses.
“As we look at the New Year, AI is going to play a big part – scammers are going to use AI tools to try and perpetrate a lot more scams – from creating hyper-realistic videos and audio calls to impersonate trusted people we know to create synthetic identities to impersonate victims to get access or do fraud in the victim’s name. We will also see more organised fraud operators that will perpetrate fraud at scale almost like a business,” said Paritosh.
The complexity of these cyberattacks appears set to increase, and multi-stage infiltration across platforms is likely to become the norm. Attackers are likely to harness AI and sophisticated tools to evade detection, making such breaches difficult to detect and counter.
“In 2025, we expect cyberattacks to become increasingly complex, with more multi-channel, multi-stage attacks that infiltrate one platform, such as email and then expand laterally to others.
Attacks will also become harder to detect as attackers are expected to invest more time and energy leveraging AI, novel tools and techniques to help them breach systems, steal data, or compromise infrastructure without triggering any immediate alarms.
This means that while the prevention of attacks will remain a cornerstone of effective cybersecurity strategies, there will be a greater focus on cyber resilience including automated incident response and integrated, 24/7 security platforms that can significantly reduce the time it takes a target to respond to and neutralize attacks,” said Khurana.
It is believed that the deployment of 5G will likely expand the cybersecurity threat landscape. Increased connectivity will enable more entry points for cybercriminals, and AI warfare—where intelligent systems fight in real-time—will become a reality.
Advanced AI-based analytics will play a key role in fighting against these threats. “The emergence of 5G technologies will broaden the threat landscape by increasing connectivity and attack vectors.
We will move past simple AI-driven threat detection into full-scale machine versus machine warfare, and AI systems will engage in real-time adversarial AI. There will be more advanced AI-based analytics that will eliminate challenges in cybersecurity,” said Pankit.
He also said that quantum computing capability can pose a threat in the near future if it becomes affordable, leading to a drastic change in the cybersecurity realm. “By 2025, we expect to see an increase in adversarial attacks that subtly corrupt AI training data, supply chain attacks targeting AI model updates, zero-day exploits specifically designed to compromise AI security systems, social engineering attacks that manipulate AI learning patterns, advanced prompt injection techniques that bypass traditional safeguards, and model poisoning campaigns that gradually degrade security decision-making,” he said.