Nato-backed UK cyber company Goldilock has published a 2025 cyber security threat forecast, cautioning about the potential risks posed by malware powered by artificial intelligence (AI).
This forecast highlights the emergence of AI-powered malware as an evolving and resilient threat targeting vital infrastructure and protected networks.
Go deeper with GlobalData
The report notes that digital security domain is undergoing a significant shift with the advent of AI as a dual-use technology, offering both progressive and nefarious applications. Malware enhanced by AI represents an advanced tier of cyber threats, characterised by its ability to learn and adapt autonomously.
This analysis delves into the likelihood of an incident akin to the Stuxnet cyberattack, wherein AI-enhanced malware could pose a continuous risk to essential services, data storage facilities, and protected networks.
The report elaborates on how this type of malware evolves by learning from its interactions with various defence systems, enabling it to adapt and bypass existing security measures.
Highlighting the increased vulnerability of interconnected systems, the forecast notes that increased system interconnectivity and data centralisation mean that a successful breach could lead to widespread disruption.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataThis led the UK to designate data centres as critical infrastructure, recognising the need for enhanced protection, particularly against state-sponsored cyber threats.
The report cites instances of AI-driven threats, such as BlackMatter ransomware and Cobalt Strike, which demonstrate the capability of these threats to outmanoeuvre traditional endpoint detection and response (EDR) systems.
Goldilock forecast calls for adoption of a collective approach in fortifying cyber resilience and urges for a concentrated effort on several fronts:
Investment in AI Research: It is vital for government bodies and industry leaders to invest in AI-centric cybersecurity advancements, with an emphasis on creating defence systems that are both reactive and pre-emptive.
Public-Private Partnerships: There should be a synergy between public agencies and private entities in safeguarding critical infrastructure against these evolving threats through the exchange of best practices and intelligence on potential threats.
Isolation Tools: Technologies that enable urgent network isolation play a pivotal role in defence by severing connections to sensitive networks, thereby preventing even the most sophisticated AI-driven malware from reaching essential data.
Goldilock co-founder and COO Stephen Kines explained: “Across cyber security but most crucially when it comes to protecting critical infrastructure, we’ve got to modify best practices to effectively thwart the more sophisticated threats coming at us this year.
“Network segmentation and the ability to ringfence infrastructure beyond the reach of AI-powered tactics, proactive threat intelligence, and private and public sector collaboration; only with all these elements will we be able to effectively counter the attacks of today and tomorrow and keep our networks safe.”
