Introduction
In 2025 [2] [3], AI-generated cyber-attacks have emerged as the foremost threat to organizations [1] [3], as detailed in the Infosecurity Europe Cybersecurity Trends Report [1] [3]. This development has prompted a significant increase in cybersecurity budgets, with 71% of organizations attributing their heightened investment to the growing menace of AI. The Infosecurity Europe 2025 conference [1] [3], marking its 30th anniversary [3], will address these challenges, featuring a keynote session on strategies to counteract AI-driven threats such as deepfakes and social engineering.
Description
AI-generated cyber-attacks are now recognized as the primary threat to organizations in 2025 [3], as highlighted in the Infosecurity Europe Cybersecurity Trends Report [1] [3]. The report indicates that 71% of organizations planning to increase their cybersecurity budgets attribute this investment primarily to the rising threat of AI [1] [3]. In response to these escalating risks, the upcoming Infosecurity Europe 2025 conference [1] [3], celebrating its 30th anniversary [3], will take place at the London ExCel from June 3-5, 2025 [3]. A keynote session titled “Calling BS on AI – Strategies to defeat Deepfake and other AI attacks” will focus on the challenges posed by deepfakes and AI-driven social engineering campaigns, which are among the most significant threats currently facing organizations [3].
In 2025 [2] [3], cybercriminals are leveraging artificial intelligence to enhance their attacks [2], transforming the dark web into a hub for developing sophisticated cybercrime tools [2]. A new digital divide is emerging among UK businesses [4], with those unable to keep pace with AI-powered cyber threats at increased risk of being targeted by hackers [4]. Phishing attacks [2], which remain the primary entry point for cyberattacks [2], have evolved significantly [2], with 82.6% of phishing emails now utilizing AI-generated content [2]. These emails are crafted using language models to mimic the target’s tone and context [2], often incorporating publicly available information to personalize messages [2]. The automation of these campaigns has led to a staggering 1,265% increase in phishing volumes in the first quarter of 2025 [2].
AI-driven malware has also advanced [2], becoming both adaptive and predictive [2]. New strains can analyze their environment and adjust their behavior to evade detection [2], employing techniques such as pausing execution in sandboxes and using encrypted communications [2]. Ransomware variants in 2025 are similarly utilizing AI to enhance their effectiveness [2]. The increasing sophistication of AI tools is driving both hackers and defenders to enhance their arsenals [5], making the detection of AI-generated content a significant challenge. The dark web has seen a significant rise in the availability of malicious AI tools [2], with a 219% increase in discussions and listings [2]. These tools include AI-driven phishing-as-a-service platforms [2], deepfake voice cloning for scams [2], and AI-written malware droppers designed to bypass specific antivirus solutions [2].
Moreover, the implementation of AI systems by businesses increases their attack surface [4], presenting new risks that threat actors are expected to exploit through techniques such as direct and indirect prompt injection [4], software vulnerabilities [4], and supply chain attacks [4]. Transactions for malicious tools often occur in privacy-focused cryptocurrencies and are delivered through onion-based command and control panels [2]. The integration of AI into cybercrime has escalated the threat landscape [2], making attacks more automated [2], stealthy [2], and scalable [2], and blurring the distinction between genuine and fraudulent communications [2]. This necessitates heightened awareness and adaptive security measures to combat these evolving threats effectively [2].
Conclusion
The rise of AI-generated cyber-attacks in 2025 has significantly altered the cybersecurity landscape, necessitating increased vigilance and investment in defense mechanisms. Organizations must adopt adaptive security measures to counteract the sophisticated and automated nature of these threats. As AI continues to evolve, it is imperative for both businesses and cybersecurity professionals to stay ahead of potential vulnerabilities and develop robust strategies to mitigate future risks. The ongoing dialogue and knowledge-sharing at events like the Infosecurity Europe conference will be crucial in addressing these challenges and safeguarding against the ever-evolving threat of AI-driven cybercrime.
References
[1] https://www.infosecurity-magazine.com/news/infosec2025-combating-deepfake/
[2] https://www.darknet.org.uk/2025/05/ai-powered-cybercrime-in-2025-the-dark-webs-new-arms-race/
[3] https://ciso2ciso.com/infosec2025-combating-deepfake-threats-at-the-age-of-ai-agents-source-www-infosecurity-magazine-com/
[4] https://www.itpro.com/business/ai-enabled-cyber-attacks-exacerbated-by-digital-divide-in-uk
[5] https://thenimblenerd.com/article/ai-attacks-why-your-antivirus-wont-save-you-infosecurity-europe-2025-insights/
