Cybersecurity awareness: AI threats and cybercrime in 2025 - The World Economic Forum

Small businesses are particularly exposed to cybercrime, with seven times more organizations reporting insufficient cyber resilience than in 2022. Image: Unsplash/danranwanghao Andrea Willige Senior Writer, Forum Stories This article is part of: Centre for Cybersecurity Cybercrime continues to rise, with cybersecurity and AI increasingly linked as both a threat and a defence tool, according to the World Economic Forum’s Global Cybersecurity Outlook 2025. Organizations face a complex landscape of evolving threats, from sophisticated deepfake scams and social engineering to a widening cybersecurity talent gap. Building resilience requires global collaboration and public-private partnerships, like those championed by the Forum, to address borderless cybercrime and develop skilled talent. Cyberattacks are on a steep rise. Over the past four years, their average weekly number has more than doubled: from 818 per organization in the second quarter of 2021 to 1,984 in the same period this year. In the last two years alone, the global average number of weekly attacks encountered by organizations grew by 58%. At the same time, the World Economic Forum’s Global Cybersecurity Outlook 2025 points to an increasingly complex threat landscape. From geopolitical tensions to the impact of cybersecurity and AI, businesses’ vulnerabilities are growing rapidly. Adding to this is a widening skills gap impeding their efforts to step up defences. Small businesses are particularly exposed, with seven times more organizations reporting insufficient cyber resilience than in 2022. As we approach Cybersecurity Awareness Month this October, it's clear that the first 10 months of 2025 have been defined by heightened cyber risks and significant challenges for the world’s largest organizations. Here are 10 headline events and statistics that have shaped the year so far. 1. Cybersecurity budgets are tightening – AI steps in Despite the increasing number of attacks, Industry analyst IANS reports stalling budgets for cybersecurity. Growth has slowed from 17% in 2022 to just 4% in 2025, as the graph below shows, rather than increasing in line with threat levels. Further complicating matters is an acute talent scarcity, making it not only hard but also expensive to recruit cybersecurity experts. The solution for many businesses is to ramp up the use of AI to bolster their cyber defences. 2. AI agents are boosting threat levels The flip side is that AI is not only used by cyber defence experts but also by threat actors. Generative AI is increasingly being employed for advanced phishing, identity theft and zero-day exploits targeting unknown security flaws, finds the Forum's Artificial Intelligence and Cybersecurity: Balancing Risks and Rewards report. Anthropic, creator of the Claude chatbot, warns that hackers are “weaponizing” its AI, which has been used to develop malicious code affecting at least 17 organizations. The technology also helped hackers choose targets and suggested ransom amounts. Stolen credentials are among the most widely used ways for cybercriminals to get a foot in the door, making people the weakest link. 3. Exploiting human trust That cyber criminals can get hold of such information is not necessarily down to employees’ negligence but down to the increasing ingenuity of the perpetrators themselves. Scattered Spider, a group of hackers believed to be behind the attacks on companies including Allianz, Quantas, Marks & Spencer (M&S), Victoria’s Secret and Whole Foods, is particularly adept at social engineering techniques. They often impersonate employees or contractors to gain access to corporate IT systems. Thwarting such attempts is not down to the IT people alone but affects everyone, Ivan John Uy, the Philippines’ former Secretary of the Department of Information and Communications Technology, told the World Economic Forum: “Cybersecurity is not a technical skill but a life skill.” 4. Deepfakes are now a firm part of cybercriminals’ toolkit Deepfakes add another level of sophistication to social engineering, as British engineering firm Arup found to its detriment earlier this year. A group of criminals used AI-generated clones of the company’s senior executives on a video call to successfully trick a finance employee into transferring $25 million. In a foiled fraud attempt at Ferrari, criminals used the AI-generated voice of CEO Benedetto Vigna, convincing all but one employee, who cleverly asked a question only the real CEO could answer. In the summer, Denmark became the first country in Europe to protect an individual’s right to their appearance and voice as part of an amendment to its copyright law. 5. Marks & Spencer’s online ordering returns after 3 months Following a major ransomware attack in April, UK retail giant M&S finally resumed its click-and-collect service in August, after a 15-week suspension. The attack is estimated to have cost the retailer around $300 million in annual profits. This and other incidents underline that cyber resilience is about more than just technical solutions. As the World Economic Forum’s white paper The Cyber Resilience Compass: Journeys Towards Resilience highlights, cybercrime needs to be met with comprehensive strategies. Loading... 6. Cybersecurity law ramps up As cybercrime grows, governments are strengthening legal frameworks to ensure cyber resilience. A series of EU digital resilience laws is coming into force this year, including the Digital Operational Resilience Act, the Cyber Resilience Act and the AI Act. The EU Council also adopted a revised cyber crisis management blueprint to support companies and reduce reliance on US cyber infrastructure. The UK has announced plans to ban public sector payments for ransomware, removing hackers' incentives and protecting vital services. Businesses believe ransomware poses the greatest cyber risk to their operations, according to the Forum’s Global Cybersecurity Outlook 2025. 7. Governments draw on AI for their cyber defences Meanwhile, ChatGPT owner OpenAI will work with the US Department of Defense to boost its AI capabilities, including in cyber defence, as part of a $200 million contract. After a surge in cyberattacks across Europe, Microsoft has offered no-cost cybersecurity services to European governments. Meanwhile, French telco Orange announced it is creating a new defence and homeland security division to support European organizations in these areas. 8. Cybercrime goes global The series of attacks presumed to have been carried out by Scattered Spider underlines the global nature of cybercrime. To combat it, wider collaboration across geographies will be key. In August, the World Economic Forum reported on the dismantling of 25 cryptocurrency mining centres in Angola, a joint effort by INTERPOL and AFRIPOL across 18 countries, which saw 1,200 arrests and $97 million recovered. 9. Fighting the cybersecurity talent shortage Talent scarcity is one of the main obstacles to organizational resilience against cybercrime. The Global Cybersecurity Outlook 2025 states that only 14% of organizations have the right talent, with developing nations hit hardest. In May, the Forum’s white paper Growing Cyber Talent Through Public–Private Partnerships developed a model for partnerships among governments, firms and international organizations to address talent gaps. The suggested approach is modelled on successful PPP projects across healthcare, education and infrastructure, in markets such as Kenya and Saudi Arabia. The cybersecurity talent framework. Image: World Economic Forum 10. International travel disruptions at Europe’s airports In late September, several European airports, including London Heathrow, Berlin, Dublin and Brussels, were hit by a cyberattack on check-in and baggage systems. The hackers targeted an IT system that enables different airlines to use the same check-in desks, causing long queues, flight delays and cancellations. This latest incident reinforces the fact that international collaboration will remain vital in the battle against cybercrime, as will fast-tracking new approaches to identifying potential vulnerabilities early, before they can be exploited. "The recent cyberattack on airport check-in and boarding systems across Europe is a stark reminder that cyber resilience is a shared responsibility across the entire aviation ecosystem—including airlines, service providers, technology partners and regulators," said Akshay Joshi, Head of the Centre for Cybersecurity at the World Economic Forum. "Strengthening collaboration and preparedness at every level is essential to safeguard public trust and ensure operational continuity." Have you read? Why cybersecurity at the speed of AI is now a business cornerstone AI fills the gap as cybersecurity budgets shrink, and other cybersecurity news Cybercrime is borderless. This global bust shows how law enforcement can be too Loading... Don't miss any update on this topic Create a free account and access your personalized content collection with our latest publications and analyses. Sign up for free License and Republishing World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use. The views expressed in this article are those of the author alone and not the World Economic Forum. Stay up to date: Cybersecurity Follow Related topics: Cybersecurity Emerging Technologies Share: The Big Picture Explore and monitor how Cybersecurity is affecting economies, industries and global issues Forum Stories newsletter Bringing you weekly curated insights and analysis on the global issues that matter. Subscribe today More on Cybersecurity See all Is this how to prepare for an agentic AI driven future? David Haber March 6, 2026 AI is supercharging a global cyber fraud crisis. It could also solve it Why quantum security is a question leaders cannot ignore right now The cyber threats to watch in 2026 – and other cybersecurity news 4 steps Gulf countries are taking to protect people from financial crime From cyber security to cyber resilience: Why organizations need to practice for the worst