Cybersecurity experts at Kaspersky Labs have warned that central banks and open banking initiatives will likely become prime targets for cyberattacks in 2025. These attacks could potentially expose sensitive financial data and disrupt critical payment systems. 

In addition to the threats facing central banks, the report predicts a surge in attacks based on stolen information and an increase in the sophistication of ransomware attacks. The open-source community is also likely to face continued pressure from supply-chain attacks. 

Kaspersky’s experts urge individuals and businesses to adopt robust security measures to mitigate these evolving risks. They emphasise the importance of threat intelligence, predictive analytics, continuous monitoring, and a zero-trust mindset in safeguarding critical data and operations. 

In 2025, ransomware techniques are expected to become more sophisticated and damaging. Instead of just encrypting data, ransomware will increasingly employ “data poisoning” techniques, which involve subtly altering or introducing false data into databases. This can make it difficult for businesses to trust the accuracy of their data, even after it has been decrypted.

In 2025, more advancements in ransomware techniques are anticipated. First, ransomware will covertly manipulate or introduce erroneous data into databases, rather than merely encrypting data. Second, advanced ransomware organisations will start using post-quantum cryptography as quantum computing develops. 

“The encryption techniques used by this ‘quantum-proof’ ransomware are designed to withstand decryption attempts from both classical and quantum computers, making it nearly impossible for victims to decrypt their data,” it said.

Ransomware-as-a-service phenomenon will grow significantly, allowing less experienced actors will be able to launch sophisticated attacks with kits as inexpensive as $40. This will lead to a significant increase in the number of attacks.

“In 2025 and beyond, resilience against financial cyberthreats will demand robust security measures from both individual users and businesses. The best defence will combine threat intelligence, predictive analytics, continuous monitoring, and a zero-trust mindset to safeguard critical data and operations from sophisticated attackers,” Fabio Assolini, head of the Latin American unit of the Global Research and Analysis Team (GReAT) at Kaspersky, said.

Cybersecurity experts at Kaspersky asked people to organise regular cyber-training programmes for employees and warn them about potential cyber threats. “Uninformed staff are among the most common initial attack vectors that can lead to serious financial losses for an organization,” he said.

The warning comes as part of Kaspersky’s annual Security Bulletin, which offers predictions and insights into the evolving landscape of cybercrime. The report highlights a broader trend of financial cyber threats increasingly targeting mobile platforms and leveraging advanced technologies such as artificial intelligence and quantum computing. 

For 2024, the Moscow-based cybersecurity solutions company predicted that there would be an increase in AI-powered cyberattacks, a surge in fraudulent schemes targeting direct payment systems, a rise in open-sourced backdoored packages, and more sophisticated ransomware techniques.