2024 wasn't the year that AI rewrote the cybercrime playbook — but it did turbocharge some of the old tricks. In Cisco Talos' 2024 Year in Review, with the help of our friends at Robust Intelligence (now a Cisco company), we dissect how cybercriminals used generative AI to scale up social engineering, fine-tune phishing, and automate grunt work like OSINT gathering.
So while AI didn't completely rock the threat landscape last year, the groundwork is being laid for 2025, where agentic AI and automated vulnerability hunting could cause some significant challenges for defenders. Our research showcases the top four areas of concern for the coming year.
Curious about how AI could impact your defenses — or your data — this year? Take a look at this summary of AI-based threats:
Need a 60 second summary? Take a look at this video:
Or for a more in-depth discussion about how AI is impacting social engineering, threat actor-built LLMs, and where AI based threats may be heading, check out this Talos Takes podcast with special guests Amy Chang and Omar Santos from Cisco, Vitor Ventura from Talos, and Ryan Fetterman from Splunk. We also talk about how defensive strategies can leverage AI, particularly in the SOC, to increase visibility and make determinations a lot quicker.
Download Talos' 2024 Year in Review.
Also check out Cisco's State of AI Security report.