5 Predictions for 2025 and the Next Cyberthreat Frontier
Remember when you thought your organization’s data and discussions were reasonably secure as they traversed commercial communications networks? The 2024 Salt Typhoon attack sure blew a hole in that theory. But it also proved something – again: Defenders face a continuously shifting cyberthreat landscape.
So, what does the cyberthreat frontier look like in 2025? I discussed this with David Wiseman, Vice President of Secure Communications at BlackBerry. He has frequent conversations with governments and industries around the world, which helped inform these five cybersecurity-related predictions for the new year.
Five Cybersecurity Predictions for 2025
1. Telecom Networks are the New Attack Layer for Threat Actors
The year 2025 is set to witness an ongoing shift in the operations of cyber adversaries. Instead of targeting individual devices, these threat actors are focusing attacks on communications infrastructure, like wireless carriers and internet service providers (ISPs).
“This allows them to bypass device-specific malware and focus on broader infrastructure vulnerabilities,” says Wiseman. “This shift is driven by the interconnectivity of legacy telecom networks and the troves of data they contain, which make them prime targets for threat actors. By compromising these networks, attackers have access to a more extensive range of targets, bypassing traditional security defenses that are device-centric and any need for device-specific malware – including spyware.”
And he warns this trend will likely increase the rate of real-time communications interception, which puts sensitive and classified information at greater risk.
“The recent Salt Typhoon wire-tapping incident, which intercepted court-ordered wiretaps, illustrates how telecom networks are becoming a primary vector for attackers. In the coming year, nations and enterprise organizations must prioritize security strategies at the network and infrastructure level, focusing beyond device-centric protections to safeguard critical communication systems from targeted, real-time attacks.”
2. Unseen Vulnerabilities: The Hidden Risks of 'Free' Communication Apps in 2025
Wiseman says that, in 2025, espionage at the network level will be just one of many communications-related concerns. “Mobile spying is on the rise. People should think twice about what they are sharing on so-called ‘free’ messaging apps like WhatsApp and Signal. The perceived security of popular communication apps like these will face growing scrutiny as their vulnerabilities become more apparent in 2025.”
In fact, it was recently found that the group APT41 is using updates to the LightSpy malware campaign to infiltrate common communications systems, notably WhatsApp.
Says Wiseman, “A rule of thumb: If it is free, you are the product, and your data can be sold, moved, and targeted. This leaves users’ metadata and personal information at risk of exposure or misuse by third parties. This concern goes beyond system availability; it’s about the uncertainty surrounding who has access to sensitive information and what they might do with it. As attackers increasingly weaponize insights from this data, the risks surrounding these tools grow significantly.”
And this is especially true when you consider how some organizations are using these consumer-grade applications.
“Many assume these widely used communication apps are secure enough for sensitive information, trusting that their internal security teams would intervene if they weren’t secure. However, these platforms are often used without proper oversight or security controls, exposing both individuals and organizations to unnecessary risk.”
3. Identity Spoofing Will Escalate as AI, Deepfakes, and Exposed Metadata Fuel Sophisticated Attacks
We’ve been building toward this next issue for some time now, and the risk is growing rapidly. Sophisticated identity spoofing should be a significant concern for all organizations in 2025, for two major reasons.
First, AI and deepfake technologies and tactics are rapidly advancing to make voices, images, and videos more convincing, and easier to create, than ever before. Imagine how convincing it would be if attackers could imitate the voice of your boss in a call, asking you to join a fake Teams call or to send a confidential document.
Second, attackers will continue to leverage personal metadata and ‘listening data’ – such as voice and text from telecom network breaches – that give them up-to-the-minute information to better target victims.
“Breaches such as AT&T in July, as well as the notable Verizon and T-Mobile breaches in October, have shown us how widely accessible user metadata and real-time communication information have become. This could enable threat actors to tailor their attacks based on previous communications, making their impersonations harder to detect,” predicts Wiseman.
“In 2025, we will need to be more cognizant of where our data goes, including metadata, and how it’s secured. As attackers weaponize the knowledge of communication patterns and collaborations, the threat of identity spoofing will reach new levels of danger, demanding enhanced security measures to safeguard personal information. I think we’ll also see a greater emphasis on deploying robust secure communications solutions to combat this, beyond the current and widespread use of communication apps.”
4. Secure Communications Will Define the Future of Supply Chain Security in Critical Industries
In 2025, secure communications will take center stage as a critical component of supply chain security, especially in high-risk sectors like healthcare, finance, and critical infrastructure.
For additional details on this prediction, I turned to Christine Gadsby, BlackBerry Vice President & CISO for Cybersecurity, who has traveled the globe speaking about supply chain security.
“The interconnected nature of today’s supply chains means security risks now extend beyond primary suppliers to third, fourth, and even eighth-party vendors. When compliance with communications and data privacy is lacking at any point along this chain, it can trigger far-reaching consequences, exposing companies to malicious attacks and operational disruptions.”
Adds Gadsby, “In sectors where data privacy and secure communications are paramount – like finance, healthcare, and critical infrastructure – lapses in these areas compromise the entire supply chain, with potentially devastating results. Additionally, regional supply chain security legislation passed in 2024 will need to be complied with in 2025 to avoid punitive fines that are likely for non-compliance.”
5. Blurring Personal and Professional Boundaries Puts Employees and Organizations at (Cyber) Risk in 2025
Your employees will continue to be at risk and can easily expose your organization if they blend their personal and professional lives on their devices, as it creates new entry points for cyberthreats. Also, senior executives and employees with access to “insider” information will certainly face heightened risks as they routinely access their organization’s most sensitive data, as well as personal and restricted information.
Says Wiseman, “Using personal devices and unsecure networks while traveling or conducting sensitive communications can expose critical vulnerabilities within organizations. Many high-value employees may overlook these risks, assuming their personal devices are safe, but simple practices like syncing with personal Apple/Google IDs can inadvertently expose sensitive data.”
And many threat actors are becoming more targeted in their attacks, choosing quality over quantity.
“They want to know that an attack will be successful, and they are willing to put resources behind it to increase the chance of success. While full compliance with established security protocols is critical and a strong first step, we’re finding (and will continue to see throughout 2025) that existing security controls are insufficient.”
Concluding Thoughts About Security in 2025
Because there are cracks in any armor, this is a good time to assess your communication methods and fortify against pervasive interception tactics at both the network and device levels. Securing your communications is no longer optional, but a crucial part of any comprehensive cybersecurity strategy in 2025.
How BlackBerry SecuSUITE and UEM Can Help
Organizations around the world have trusted BlackBerry for secure and efficient communications for four decades. BlackBerry no longer makes devices, but we continue to protect the world’s most critical and sensitive communications between governments, industries and individuals – maintaining national security and keeping troops, politicians and executives safe.
We secure them all with our military-grade secure communications software and easy-to-use tools incorporated into BlackBerry® SecuSUITE® and BlackBerry® Unified Endpoint Management (UEM).
BlackBerry SecuSUITE provides high-security voice and messaging for iOS® and Android™ and has multiple NIAP (Common Criteria) certifications. It is listed as a Commercial Solutions for Classified (CSfC) compliant product to meet the highest security requirements for the U.S. Federal Government and the broader Five Eyes intelligence alliance.
BlackBerry UEM helps ensure total cybersecurity coverage for all workflows, on any device, anywhere — and segregates sensitive corporate data on each device. For the second consecutive year, BlackBerry is placed in the upper right quadrant of the Gartner® Peer Insights™ 'Voice of the Customer' UEM Tools report.
Make 2025 the year you join the world’s largest and most secure organizations that use BlackBerry SecuSUITE and BlackBerry UEM to protect communications and data.