Cybersecurity in 2025: evolutions and trends

Orange Cyberdefense, the cybersecurity specialist and European market leader in security services, presents its sixth annual Security Navigator research report. Based on extensive data analysis, this report provides detailed insights into the cybersecurity landscape. Cybersecurity is heavily influenced by geopolitical conflicts and ever more advanced threat actors. With attacks on critical infrastructure becoming more frequent, the report underscores the urgent need to build our cyber defences against the growing number of attacks. The Security Navigator not only describes the security challenges of the past year but also looks to the future. Cybercriminals are not slowing down. That is why it is advisable to take proactive action now to protect your organisation.

The 2025 Security Navigator once again illustrates the complexity of the security landscape. Businesses must continually adapt and stay alert. Our experts share their views on various topics, with an emphasis on different sectors.

This article highlights several of the report's more striking conclusions about the key security events of 2024 and their impact.

The offensive and defensive aspects of AI

Artificial intelligence (AI) makes users more productive but, unfortunately, this applies to cybercriminals too. In 2024, several companies were hacked using deepfakes that impersonated the voices of company executives. This enabled financial hackers to make fraudulent requests without being caught. AI is also used for phishing campaigns, and malicious variants of ChatGPT have been developed, such as WolfGPT, DarkGPT and DarkGemini. These language models are becoming increasingly advanced and generate convincing emails without grammatical or spelling errors in the blink of an eye. Fortunatly, AI is also a weapon in the fight against cybercrime. It can detect subtle patterns in data that point to covert or new attacks, and it allow organisations to analyse larger data volumes using fewer people.

Hijacking operational systems

Ransomware traditionally targets IT systems. But as IT and OT — operational technology — systems are increasingly linked, the latter are also more frequently falling prey to cyber extortion, which can paralyse physical processes. 20% of the victims of last year's ransomware attacks are active in the production industry.

Threats to mobile networks

Attacks on mobile devices are commonplace, so many businesses now use multi-factor authentication. This is an effective way of enhancing your level of protection. The unfortunate result is that cybercriminals are targetting vulnerabilities across all aspects of mobile networks, with attacks on SIM cards, devices and infrastructure.