01/12/2025

MONDAY | DEC 1, 2025

23

LYFE

Cybercrime turns fully industrialised

o AI, automation make security far more challenging

and private sector actors are aligning on collective defense. “However, we must go beyond strategy: we need action. Cyber adversaries are growing increasingly sophisticated, especially around AI-driven attacks, as we’ve flagged in our Security Predictions for 2026 where generative AI and agentic systems are expanding the attack surface, making proactive governance, AI-driven defenses and workforce readiness more critical than ever. “It’s imperative for Malaysia’s organisations to embrace proactive, AI-infused defenses, embed strong cyber hygiene across all levels and invest in continuous training. Only by closing the gap between ambition and execution can we truly secure Malaysia’s digital future.” The company’s lead of Forward-looking Threat Research Ryan Flores said: “2026 will be remembered as the year cybercrime stopped being a service industry and became a fully automated one. “We are entering an era where AI agents will discover, exploit and monetise weaknesses without human input. The challenge for defenders is no longer simply detecting attacks, it’s keeping pace with the machine-driven tempo

T HE coming year will mark the true industrialisation of cybercrime, revealed cybersecurity company Trend Micro Inc via its annual Security Predictions Report for 2026. Artificial intelligence (AI) and automation are now enabling threat actors to run entire campaigns autonomously, from reconnaissance to extortion, creating unprecedented speed, scale and complexity for enterprise defenders. Its managing director Goh Chee Hoh said: “Malaysia stands at a critical inflection point in its digital journey. While the rise in cyber incidents, including a reported 29% jump in data breaches in Q1 2025, underscores how real and present the threat is, our nation’s forward-looking moves give me cautious optimism. “The launch of the Malaysia Cyber Security Strategy 2025–2030, along with Malaysia’s regional leadership in Asean’s upcoming cyber resilience plan, are evidence that our public

AI and automation are now enabling threat actors to run entire campaigns autonomously.

of threats.” The report highlighted how generative AI and agentic systems are transforming the economics of cybercrime. Autonomous intrusion campaigns that adapt in real time, polymorphic malware that constantly rewrites its own code and deepfake-driven social engineering will be standard tools for attackers. The same automation also threatens to flood businesses with synthetic code, poisoned AI models and flawed modules hidden inside legitimate workflows, blurring the line between innovation and exploitation. Hybrid cloud environments, software supply chains and AI infrastructures are expected to be the primary targets in 2026.

Poisoned open-source packages, malicious container images and over-privileged cloud identities will become common attack vectors, while state-sponsored groups will increasingly turn to “harvest-now, decrypt-later” strategies to future-proof espionage against the advance of quantum computing. Ransomware is evolving into an AI-powered ecosystem capable of managing itself – for example, identifying victims, exploiting weaknesses and even negotiating with targets via automated “extortion bots”. The company’s threat researchers expect these campaigns to become faster, harder to trace and more persistent, driven by data rather than encryption alone. Organisations worldwide are

advised to move from reactive defense to proactive resilience by embedding security across every layer of AI adoption, cloud operations and supply chain management. Organisations that integrate ethical AI use, adaptive defense and human oversight will be the ones best positioned to succeed in the future. The firm’s 2026 predictions outline a path forward based on visibility, automation with human validation and a cultural shift that treats security as strategic infrastructure. Those who innovate securely, by balancing speed with governance and intelligence with ethics, will set the standard for trust and resilience in an increasingly autonomous world.

More and more, cybercriminals are turning to AI to ramp up their attacks.

Mega sales become targets for phishing A 2025 report by Kaspersky has revealed that cybercriminals continued to use seasonal shopping periods to distribute phishing pages and fraudulent promotions aimed at collecting personal and payment information. platforms, including 18.56 million abusing Discord. Black Friday-related promotional campaigns continued to play a major role. themed and 576,873 Spotify-related attempts recorded in 2025. Threat activity extended well beyond e-commerce. In 2025, it has detected two million phishing attempts impersonating gaming platforms such as Steam, PlayStation and Xbox.

In the first two weeks of November, it has also detected 146,535 spam emails referencing seasonal sales, including 2,572 tied to Single’s Day promotions. Many campaigns reused templates observed in previous years, imitating well-known retailers such as Amazon, Walmart and Alibaba, offering early-access discounts to direct users to fraudulent pages. An extensive phishing activity abusing entertainment platforms was also detected, with 801,148 Netflix

Gaming platforms also remained a prominent target throughout the year. From January through October, the company blocked 6.39 million phishing attempts impersonating online stores, banks and payment systems, with 48.2% targeting online shoppers. Over the same period, it also identified more than 20 million attempted attacks on gaming

Malware disguised as gaming software saw significant activity as well: 20.88 million attempted infections were recorded, with Discord accounting for 18.5 million detections – more than 14 times higher than in 2024. Therefore, it is highly important to stay truly protected, so that shopping brings positive emotions and benefits, not financial losses and data leaks.

Cybercriminals use seasonal shopping periods to distribute phishing pages and fraudulent promotions. – ALL PICS FROM 123RF