The Top Cybersecurity Trends from 2024 (and what’s in store for 2025)


Cybersecurity is always evolving. 

Gone are the days of bogus emails from far-off princes and pop-up ads claiming our computer has a virus.

These days, IT pros have bigger problems. Much bigger problems.

2024 brought a new wave of cybersecurity and IT challenges, ranging from poorly timed software updates to QR code exploitation. And there’s no doubt 2025 will be even more … exciting … for those trying to keep end users and their devices secure. 

Here are the top cybersecurity and IT trends we saw in 2024, as well as our predictions for 2025. 

Trend #1: More MFA. More token hijacking.

You’re always preaching the benefits of MFA. And users have (begrudgingly) started to listen. 

But the more locks you put on the door, the more clever hackers get in their attempts to break in.

To bypass protective measures like MFA and stronger Conditional Access policies, bad actors are increasingly turning to adversary-in-the-middle (AiTM) techniques like token hijacking. 

They send end users to convincing-but-bogus sites imitating companies like Microsoft, Salesforce, QuickBooks, you name it. Once the end user “logs in,” the hacker can harvest the session token and use it to get around MFA — and into your organization’s most critical data. In 2024, the number of token thefts rose to 39,000 incidents … per day, according to the Microsoft Digital Defense Report 2024.

Trend #2: Everyone needs an incident response plan (just ask CrowdStrike)

In summer 2024, CrowdStrike updated its software. And brought the world to a grinding halt.

Flights were delayed. Hospitals went offline. Millions of computers around the globe displayed the blue screen of death. 

It was dubbed the largest IT outage in history and cost companies more than $5 billion in losses.

Not a good look for CrowdStrike.

Having an incident response plan can help organizations respond to the unexpected, whether it’s a breach of the CFO’s Salesforce account or a software update gone wrong.

The plan should outline each team member’s responsibilities, reporting obligations and next steps. 

Who shuts down what? When should a situation escalate from level-one techs to management? What is the protocol for bringing in the legal team or your cyber insurance provider? 

It might also be beneficial to come up with a process for testing software updates … before rolling them out to production.

Trend #3: Business email compromise (BEC) is on the rise (just ask Microsoft’s executive team)

Summer 2024 also brought the announcement that Russian hackers had infiltrated the email accounts of Microsoft’s leadership, legal and cybersecurity teams. 

Even more embarrassing for Microsoft, the hackers had broken into the tech company’s top employees’ accounts with a tactic taught in Hacking 101: password spraying.  

Instead of raising the flag for multiple login attempts by repeatedly trying to guess an employee’s credentials, the bad actor merely tried logging into multiple accounts with a few common passwords. 

And ta-da, all of the company’s systems and data were theirs. 
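For defenders, the practical consequence of that pattern is that a per-account lockout counter never fires, while counting distinct failed accounts per source does. The sketch below is an added example, not part of the original article or any vendor's product; the event tuples, IP addresses, account names and thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sign-in events: (source_ip, account, success). Not real log data.
SPRAYED = [f"user{i:02d}@example.com" for i in range(12)]
EVENTS = (
    # One source tries two common passwords against 12 accounts...
    [("203.0.113.7", acct, False) for acct in SPRAYED] * 2
    # ...and a third guess works for one of them.
    + [("203.0.113.7", "user05@example.com", True)]
    # Classic brute force: many guesses against a single account.
    + [("198.51.100.4", "alice@example.com", False)] * 8
    # An ordinary typo followed by a good login.
    + [("192.0.2.10", "bob@example.com", False),
       ("192.0.2.10", "bob@example.com", True)]
)

LOCKOUT_THRESHOLD = 5      # assumed per-account failed-login limit
SPRAY_MIN_ACCOUNTS = 10    # assumed: distinct accounts failing from one source
SPRAY_MAX_PER_ACCOUNT = 3  # assumed: spraying keeps per-account failures low


def locked_out_accounts(events):
    """Accounts a traditional per-account lockout policy would catch."""
    failures = defaultdict(int)
    for _ip, account, ok in events:
        if not ok:
            failures[account] += 1
    return {a for a, n in failures.items() if n >= LOCKOUT_THRESHOLD}


def detect_spray(events):
    """Map each spraying source to the sprayed accounts it then logged into."""
    failed = defaultdict(lambda: defaultdict(int))
    succeeded = defaultdict(set)
    for ip, account, ok in events:
        if ok:
            succeeded[ip].add(account)
        else:
            failed[ip][account] += 1
    findings = {}
    for ip, per_account in failed.items():
        wide = len(per_account) >= SPRAY_MIN_ACCOUNTS               # many accounts
        shallow = max(per_account.values()) <= SPRAY_MAX_PER_ACCOUNT  # few tries each
        if wide and shallow:
            # A success on a sprayed account is the one to investigate first.
            findings[ip] = sorted(succeeded[ip] & set(per_account))
    return findings


if __name__ == "__main__":
    print("lockout policy caught:", locked_out_accounts(EVENTS))
    print("spray sources and likely compromised accounts:", detect_spray(EVENTS))
```

On the constructed data, the lockout policy only sees the brute-force target, while the per-source view surfaces the spraying address and the account that needs a password reset and session revocation.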

Trend #4: Text-based phishing takes center stage

“Smishing” is a combination of “SMS” and “phishing.” (Get it?)

Hackers send a text or SMS message impersonating an employee or vendor. Or maybe the text looks like it came from the organization’s bank or payroll company. 

Either way, the message is convincing enough for the recipient to hand over their login credentials or other sensitive data.

Most people want to do right by their colleagues, employers and clients. If they get a text asking to contribute to so-and-so’s birthday gift card or share a password with someone who is supposedly locked out of an account, they’ll do their best to help. 

Bad news for you. Great news for hackers. 

Trend #5: Using QR codes for evil

QR codes are another new phishing foray for hackers. But please don’t make us call it “QRishing.”

QR codes took off during the pandemic, especially in hospitality settings. They were plastered over restaurants everywhere so patrons could see the menu, order food and pay their bill — without any waitstaff interactions. 

People became used to training their phone cameras on these seemingly innocent black and white squares, a fact that hackers are increasingly using to their advantage.

QR codes are now the second most popular phishing bait, right behind fraudulent links, according to the Microsoft Digital Defense Report 2024.

What adds to QR codes’ appeal (at least to bad actors, that is) is that they’re intentionally designed to obscure the destination URL. 

Hackers don’t have to work as hard to impersonate a trusted brand or business. That makes it even easier to get a user’s login information and other sensitive data.

Looking ahead to 2025

Last year, more than 99% of identity attacks were password attacks. 

And it makes perfect sense. More companies are trusting their entire operations to SaaS applications that simplify internal processes and workflows. 

For bad actors, getting — or even guessing — the log-in information to those apps unlocks a treasure trove of data, information and access. 

In 2025, we bet hackers will develop even more advanced social engineering tactics to dupe users into handing over their passwords. They’ll likely also find new ways to exploit an account or system’s vulnerabilities and get in on their own. 

More AI-driven attacks

AI claims to make our lives easier. For hackers, that’s definitely true. 

We’ve already seen bad actors use AI to automate repetitive tasks. For example, password attacks are now a breeze thanks to AI-driven credential stuffing.  

In the coming months, we wouldn’t be surprised if they also started using AI to scan for vulnerabilities at scale.

Imagine a tool that could scan hundreds (if not thousands) of sites’ and apps’ code for weak spots like outdated software, vulnerable open ports or lousy encryption protocols. Or a bot that could exploit traffic patterns to perfectly overload a Distributed Denial of Service (DDoS) target.

Shudder. 

New ways to use our phones against us

Move over, bogus texts. In 2025, the deepfakes will likely get (frighteningly) more real.

We predict hackers will move their phishing scams from email to voicemail, leveraging AI to create seemingly trustworthy personas that mimic IT support or banking representatives. 

We also expect to see a rise in SIM swapping. In this scenario, a hacker collects the information they need to call a victim’s mobile carrier, answer their security questions and ultimately switch their SIM to a new device. 

Once that’s done, the hacker can receive MFA codes, one-time passcodes and other information they need — to get the company data they want. 

Stay ahead of the curve with SaaS Alerts

SaaS Alerts helps you navigate the ever-changing cybersecurity landscape and keep users safe for whatever the future has in store.

Our 24/7 monitoring capabilities help identify potential breaches, even while you sleep. We also offer automatic lockdown of impacted accounts. 

Sign up for a free demo to see how we make it easy to cover your SaaS — in 2025 and beyond.
