HÀ NỘI — The global cybersecurity leader Fortinet, driving the convergence of networking and security, has unveiled its 2025 Cyberthreat Predictions Report, offering critical insights into the evolving cyber-attack landscape.

While adversaries continue to leverage classic tactics that have persisted for decades, the report highlights a shift toward more ambitious, sophisticated and destructive strategies.

Cybercrime-as-a-Service (CaaS) groups are becoming increasingly specialised and attackers are adopting playbooks that blend digital and physical threats, to execute highly targeted and impactful attacks.

Developed by FortiGuard Labs, the report examines the evolution of traditional attack methods, emerging trends shaping the future of cybercrime and actionable recommendations for organisations to strengthen their resilience.

It provides a forward-looking view of the challenges posed by a rapidly changing threat landscape and equips businesses with the insights needed to proactively defend against advanced cyber threats.

“Fortinet’s 2025 threat predictions highlight the critical role of AI in shaping the future of cybersecurity," said Fortinet Việt Nam's Country Manager Nguyễn Gia Đức.

"While adversaries are leveraging AI to enhance their attacks, Fortinet leads the way in applying AI to strengthen defences, automate threat detection and reduce operational burdens for security teams.

"Our AI-powered cybersecurity platform empowers customers to stay ahead of evolving threats, optimise their security strategies and build resilience in an increasingly complex digital landscape,” he said.

Emerging threat trends 

In recent years, cybercriminals have been spending more time 'left of boom' on the reconnaissance and weaponisation phases of the cyber kill chain.

As a result, threat actors can carry out targetted attacks quickly and more precisely.

In the past, many CaaS providers worked as 'jack of all trades' -  offering buyers everything needed to execute an attack, from phishing kits to payloads.

However, it is expected that CaaS groups will increasingly embrace specialisation, with many groups focusing on providing offerings that home in on just one segment of the attack chain.

While targets like edge devices will continue to capture the attention of threat actors, there’s another part of the attack surface that defenders must pay close attention to over the next few years: their cloud environments.

Although cloud isn't new, it's increasingly piquing the interest of cybercriminals. Given that most organisations rely on multiple cloud providers, it’s not surprising that the company is observing more cloud-specific vulnerabilities being leveraged by attackers, anticipating that this trend will grow in the future.

A seemingly endless number of attack vectors and associated code are now available through the CaaS market, such as phishing kits, Ransomware-as-a-Service, DDoS-as-a-Service and more.

Some cybercrime groups rely on AI to power CaaS offerings, a trend expected to flourish. Fortinet anticipates that attackers will use the automated output from LLMs to power CaaS offerings and grow the market, such as taking social media reconnaissance and automating that intelligence into neatly packaged phishing kits.

Fortinet's threat predictions also include playbooks growth to include real-life threats and the expansion of anti-adversary frameworks.

Enhancing collective resilience 

Cybercriminals will always find new ways to infiltrate organisations, say Fortinet. Yet there are numerous opportunities for the cybersecurity community to collaborate to better anticipate adversaries’ next moves and interrupt their activities in a meaningful way.

"The value of industry-wide efforts and public-private partnerships cannot be overstated, and we anticipate that the number of organisations participating in these collaborations will grow in the coming years.

"Additionally, organisations must remember that cybersecurity is everyone’s job, not just the responsibility of the security and IT teams. Implementing enterprise-wide security awareness and training, for example, is a vital component of managing risk," Fortinet write in the report.

The company insist that in order to counter the real world of threats, especially as criminals evolve and become ever more sophisticated, will require a collective crime-fighting approach, including at the government level.

" No single organisation or security team can disrupt cybercrime alone. By working together and sharing intelligence across the industry, everyone will be collectively better positioned to fight back against adversaries and effectively protect society at large. " VNS