HÀ NỘI — Fortinet, a global cybersecurity leader, has released its 2025 Global Threat Landscape Report highlighting the threat of cybercrime-as-a-service on the darknet, making the trading of credentials, exploits and access increasingly common.

The latest annual report is a snapshot of the active threat landscape and trends from 2024, including a comprehensive analysis across all tactics used in cyberattacks, as outlined in the MITRE ATT&CK framework.

The data reveals that threat actors are increasingly harnessing automation, commoditised tools and AI to systematically erode the traditional advantages held by defenders.

“Our latest Global Threat Landscape Report makes one thing clear: cybercriminals are accelerating their efforts, using AI and automation to operate at unprecedented speed and scale,” said Derek Manky, Chief Security Strategist and Global VP Threat Intelligence at Fortinet FortiGuard Labs.

“The traditional security playbook is no longer enough. Organisations must shift to a proactive, intelligence-led defence strategy powered by AI, zero trust and continuous threat exposure management to stay ahead of today’s rapidly evolving threat landscape,” he said.

There are several key findings from the latest report.

The first one is that automated scanning has hit record highs as attackers shift to identify exposed targets early.

To capitalise on newfound vulnerabilities, cybercriminals are deploying automated scanning at a global scale.

The second key finding is marketplaces that fuel easy access to neatly packaged exploit kits. In 2024, cybercriminal forums increasingly operated as sophisticated marketplaces for exploit kits, with over 40,000 new vulnerabilities added to the National Vulnerability Database, a 39 per cent rise from 2023.

Rapid scaling AI-powered cybercrime is the third finding. Threat actors are harnessing AI to enhance phishing realism and evading traditional security controls, making cyberattacks more effective and difficult to detect. Tools like FraudGPT, BlackmailerV3 and ElevenLabs are fuelling more scalable, believable and effective campaigns, without the ethical restrictions of publicly available AI tools.

Other findings include the intensification of targeted attacks on critical sectors; escalation of cloud and IoT security risks and credentials being a currency for cybercrime.

Fortinet’s report provides rich details on the latest attacker tactics and techniques while also delivering prescriptive recommendations and actionable insights.

Designed to empower chief information security officers (CISOs) and security teams, the report offers strategies to counter threat actors before they strike, helping organisations stay ahead of emerging cyberthreats.

This year’s report includes a “CISO Playbook for Adversary Defence” that highlights a few strategic areas to focus on: shifting from traditional threat detection to continuous threat exposure management; simulating real-world attacks; reducing attack surface exposure; prioritising high-risk vulnerabilities and leveraging dark web intelligence. — VNS