Monday, January 20, 2025

Palo Alto warns against AI attacks, deepfakes, supply chain threats in 2025

From 2021 to 2022, building ransomware took attackers 12 hours, compromising and exfiltrating data took 9 days, and exploiting a vulnerability could take as long as 9 weeks.

In 2024, though, the time it took to build ransomware was cut down to three hours, compromising and exfiltration shortened to a day, and vulnerability exploitation reduced to only a week.

Worse, the speed, scale, and sophistication of these attacks will only further increase, thanks to the powerful capabilities of AI models. AI threats are also just the start of the technology threats brewing in 2025.

This is according to cybersecurity firm Palo Alto Networks during a virtual media briefing on Thursday, Dec. 5, where it laid out the five key trends it believes will emerge in 2025.

These five trends are: the transition towards a unified cybersecurity platform, proliferating deepfakes in the Asia Pacific region, the growing importance of transparency in AI, an increased focus on supply chain resilience, and the need to prepare for future quantum threats.

1. Simplifying cybersecurity infrastructure through a unified platform

        To defend against multiplying, high-speed AI threats, defenders must detect and react to attacks swiftly. To help achieve this speed, Palo Alto’s first trend anticipates that companies will move towards consolidating their cybersecurity tools into a unified platform.

        A unified platform will reduce complexity by decreasing the number of cybersecurity tools, dashboards, and silos in the technology stack, resulting in improved end-to-end visibility and ultimately, finer control of code repositories, cloud workloads, networks, and Security Operations Centers (SOCs).

        The convergence of all security layers onto a unified platform will also optimize resources, enhance overall efficiency, and empower organizations to build more resilient, adaptive defenses against evolving threats, including those brought about by AI.

        Additionally, AI-backed cybersecurity solutions have already been developed to help organizations proactively defend against AI-powered threats. Palo Alto Networks offered as an example Precision AI, its proprietary AI system designed to help defenders automate cybersecurity threat detection, response, and prevention.

        Utilizing a unified cybersecurity platform in conjunction with such AI solutions can help human defenders protect their organizations against threats accelerated by AI.

        “Humans cannot win against machines, against AI. It won’t work. So it has to be machine versus machine, and it has to be AI versus AI and with AI, we can do prevention in real time,” said Oscar Visaya, Palo Alto country manager for the Philippines.

2. Deepfakes will go mainstream

        The second trend deals with the rising proliferation of deepfakes: synthetic, realistic media such as videos, pictures, or audio designed to misrepresent a person or event.

        The creation of deepfakes has been expedited by AI, and Palo Alto expects that deepfakes will be utilized more often in the coming year, either alone or as a component of larger cyberattacks.

        In 2024, they already observed numerous deepfake scams taking place in the Asia Pacific region. Deepfakes were leveraged to spread political misinformation in some cases. For instance, one Singaporean email scam featured a deepfake of the country’s minister mentor asking Singaporeans to donate funds to a certain institution.

        Palo Alto, however, deemed the most effective attacks to be those targeting corporations for financial gain. They cited how an employee at a Hong Kong engineering firm was duped into wiring millions of dollars to a scammer who had used deepfakes to imitate the CFO and executive team on a video conference.

3. Growing interest around AI transparency

        Palo Alto’s next trend deals with how regulations are starting to catch up with the ramifications of AI technology. While most nations in the Asia and Pacific region except China currently only have non-binding guidelines in place regarding AI, Palo Alto has been tracking APAC regulators’ growing focus on the data protection and cybersecurity implications of AI models.

        In 2025, the cybersecurity company predicts that the increased use of AI models will drive up interest in AI security, as well as the integrity and reliability of the data being used by these models.

        “We are starting to see, in some parts of the world, regulatory discussion around AI in terms of what are the ethics around the AI model in the event of an incident and are you able to provide an audit trail in terms of how the AI model made a decision. So, we will see more and more [considerations like] this,” Steven Scheurmann, Palo Alto regional vice president for ASEAN, remarked.

        Palo Alto recommends that organizations do not wait for regulations to become enforceable. The company believes that transparent and proactive communication about AI model mechanics — specifically regarding data collection, training datasets, and decision-making processes — will be essential in building customer trust.

        “It’s going to become more and more of an important issue in the event of an incident. [Regarding] regulatory requirements, governance, or compliance, there will be a requirement to provide a level of transparency as it relates to AI,” Scheurmann projected.

4. Realizing supply chain vulnerabilities

        Moving away from AI, the fourth trend addresses the growing awareness of the vulnerabilities opened in critical infrastructure, such as government services, airports, hospitals, and banks, due to the dependence on digital technologies.

        This awareness has also brought up the question of who will be held liable for disruptions of these services. Thus, in 2025, Palo Alto predicts that organizations will concentrate more on product integrity and supply chain resilience.

        Scheurmann explained: “It’s not surprising, because in a highly digitized world, supply chains are becoming increasingly interconnected. So, it’s important to understand that if there is a compromise, what is the impact? What’s the ability to bring it back online? Who’s accountable?”

        This trend will manifest as organizations conducting more thorough risk assessments, considering accountability and legal implications of business outages, and reviewing insurance arrangements.

        In the cloud specifically, where complexity and scale amplify risks, real-time visibility will become vital. Palo Alto expects to see more comprehensive monitoring involving constant tracking of both infrastructure and application performance metrics in this field.

5. Defending against future quantum threats

        Lastly, Palo Alto is keeping an eye on the threat posed by quantum computing. While quantum decryption of widely used encryption methods is not yet viable, the cybersecurity company predicts that nation-state-backed threat actors will intensify their “harvest now, decrypt later” attacks, which aim to steal highly classified data and decode it once quantum technology progresses.

        Both governments and businesses can be the victims of such attacks. If stolen data is successfully decrypted in the future, adversaries can freely analyze civilian and military communications, undermine critical infrastructure, and overcome security protocols for most internet-based financial transactions.

        Today, preventing exfiltration should be the top priority to head off these attacks. But Palo Alto also recommends beginning the process of adopting quantum-resistant defenses, such as quantum-resistant tunnelling, comprehensive crypto data libraries, and transitioning to post-quantum cryptography to help secure data against future quantum threats.

        During the briefing, Scheurmann laid out how Palo Alto can put together its annual projections for the year ahead: “We have almost 100,000 plus customers globally, and we collect a lot of telemetry from the network, from the endpoint, the cloud, etc. And collecting that amount of data allows us to have a very, very detailed understanding of the types of threats that exist out there, the type of attack services that may be potentially exposed.”

        He added: “Because of our data set, we’re able to see trends which most organizations and many people don’t see. Hence, we’re in a position to have these predictions.”
