Fortinet: Charting the Changes of the 2025 Threat Landscape
The rapid adoption of emerging technologies, from AI to multi-cloud infrastructures, has introduced new vulnerabilities that attackers are quick to exploit.
Meanwhile, geopolitical tensions and economic uncertainty provide a fertile backdrop for increasingly sophisticated and targeted cyberattacks.
Businesses face a stark reality: the threat landscape is not only expanding but also becoming more complex and coordinated.
This complexity underpins the recently released 2025 Threat Predictions Report by Fortinet’s FortiGuard Labs. The report signals a shift in the tactics of cyber adversaries, who are expected to embrace greater specialisation, automation, and even hybrid approaches that blend digital and physical threats.
Bigger, bolder threats in 2025
While these predictions focus on the challenges ahead, they also offer strategic insights for organisations to enhance resilience.
Fortinet’s report highlights a marked evolution in how cybercriminals operate. One of its standout predictions is the increasing specialisation within the cybercrime-as-a-service (CaaS) marketplace.
Once generalists offering all-inclusive attack kits, many CaaS providers are now narrowing their focus to specific stages of the attack chain, such as reconnaissance or payload delivery. This shift allows for greater precision and efficiency in executing cyberattacks.
Cloud environments also feature prominently in Fortinet’s 2025 forecast. With organisations increasingly relying on multi-cloud infrastructures, cybercriminals are turning their attention to this lucrative target.
The report anticipates a rise in cloud-specific vulnerabilities being exploited.
Fortinet predicts that automated hacking tools will proliferate, fuelled by advances in AI. Tools leveraging large language models (LLMs) are expected to streamline reconnaissance and enable the creation of sophisticated phishing kits.
The report thus advocates for the expansion of anti-adversary frameworks. The report predicts that collaborative measures will become more robust and widespread, disrupting cybercrime on a larger scale.
Cybercriminals continually advance their playbooks, with attacks becoming more aggressive and destructive. Many related efforts like the World Economic Forum Cybercrime Atlas initiative are already underway, and Fortinet anticipate that more collaborative initiatives will emerge to meet the growing threat.
The change from 2024 to 2025
When examining Fortinet’s 2025 predictions, we begin to see how the threat landscape may be set to change from 2024.
2024 findings from computer and network security Trellix allow us to contrast what will change, and what may stay the same.
While both reports acknowledge the interconnected nature of today’s cybercrime networks, Trellix describes how ransomware families and other threat actors are leveraging partnerships to maximise their reach.
Fortinet’s emphasis on specialisation suggests a refinement of these collaborative dynamics, indicating a future where threat actors are not just numerous but also highly skilled in specific areas.
Both reports emphasis the importance of defending the cloud, highlighting how securing the cloud and detecting threats within it will remain a concern.
Trellix warns of AI, like Fortient, but the change is Trellix warned of its potential misuse across various domains, such as disinformation campaigns, while Fortinet zeroes in on how these advancements will specifically power CaaS offerings and automation .
- More attack chain expertise emerges
- Cloud to experience cyberattacks
- Automated hacking tools
- Real life threats
- Expansion of anti-adversary frameworks
One thing Fortinet mentioned that did not have an equivalent in Trellix’s 2024 report is the use of physical threats augmenting the use of cyber threats.
Fortinet say they expect adversaries to expand their playbooks to combine cyberattacks with physical, real-life threats.
This is based on reports that some cybercrime groups physically threaten an organisation’s executives and employees in some instances, and they believe this will not only increase, but become a regular part of many adversaries playbooks.
They also anticipate that transnational crime will become a regular component of more sophisticated playbooks, with cybercrime groups and transnational crime organisations working together.
Together, these insights underline the urgent need for organisations to develop defences that can adapt to AI-driven threats.
Approaching 2025’s threat landscape
As we approach 2025, the threat landscape is poised to become more sophisticated, targeted, and multifaceted.
Fortinet’s predictions highlight how cybercriminals are adapting their tactics to exploit emerging vulnerabilities.
Comparing this to Trellix’s 2024 report, we can see how tactics could be changing, with room now left to discover why.
Yet, despite the differences in 2024 and 2025’s threat landscape, both emphasised the need for organisations to stay vigilant, foster collaboration, and invest in forward-thinking strategies.
The road ahead is challenging, but with a proactive approach, businesses can stay one step ahead of their adversaries.
Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.
Discover all our upcoming events and secure your tickets today.
Cyber Magazine is a BizClik brand