Introduction
2024 was a big year for technology and cybersecurity as artificial intelligence and large language models continued to take over.
Is 2025 going to follow a similar trend?
We asked our expert penetration testers what their cybersecurity trends & predictions were for 2025, and here are the results.
The Rise in Large Language Model Data Leaks
Starting with a jolly subject, we believe 2025 will see a significant increase in LLM-related data leaks.
In 2024, we saw LLMs implemented everywhere, with many businesses replacing large swathes of their frontline support, replacing it with Chatbots.
We suspect this trend will continue in 2025; however, since many businesses are turning to LLMs to avoid being left behind, mistakes will be made, and corners will be cut as companies rush to catch up.
Many businesses will be vulnerable to even the simplest tactics like prompt injection, which involves gaining unauthorised access to information by inputting malicious prompts.
In our daily dealings with LLMs, we’ve already found evidence of this, and businesses that fail to get theirs tested stand little chance of preventing a genuine attack.
Large Language Models Will Help Make Cyber Attacks More Sophisticated
Sticking with Large-Language Models, LLMs like ChatGPT and Gemini have taken the world by storm, enabling many people to work more efficiently, which will likely continue in 2025.
While most people use these LLMs for good, hackers will inevitably attempt to use them maliciously. Thanks to the speed and power of most LLMs, this will result in increasingly sophisticated cyberattacks.
You might think this isn’t possible thanks to LLM safety protocols, but we can assure you it is as these protocols are easily bypassed. After all, our pentesters often use LLMs to assist in carrying out thorough penetration tests, and all it takes is for a hacker to pretend they’re an ethical hacker to be given the tools to do some serious damage.
In line with this trend, I’m sure we’ve all seen an increasing number of people starting jobs without experience and relying on LLMs to do the work.
Given this, it’s not outrageous to suspect criminals with little hacking experience will use LLMs similarly.
It’s also likely to lead to more fraudulent businesses, but that’s by-the-by.
Companies will Move Away from Buzzwords like AI-Driven
Now, this is something that we’re praying happens in 2025.
Over the last two years, more companies have attempted to shoehorn terms like AI-driven into their product explanations, thinking this will make their offerings superior.
How often have you seen marketing taglines like this: “Our AI-driven smart app can help you achieve your business goals!”
From investors and professionals to consumers, everyone is fed up with taglines like these, and fingers crossed, this trend will die out in 2025 as more companies realise the damage it causes.
Advances In Quantum Computing will Have Significant Effects on Modern Encryption
Without having to explain quantum computing or cryptography, the best way to understand this prediction is as follows:
Quantum computing significantly increases our ability to process information faster, making it easier to crack modern encryption.
Another way of thinking about this would be to look at the effect of Colossus on World War Two.
While it was possible to crack the enigma code through sheer brute force, this was extremely time-consuming and, therefore, had little impact on the war effort.
Colossus’ ability to process data faster than hundreds of human codebreakers made cracking what was then widely regarded as the most sophisticated encryption device relatively easy.
We believe that quantum computing will have the same effect on modern encryption.
Cybersecurity organisations and governments worldwide have started grappling with this issue already, and the likelihood is that in the same way quantum computing can be used to easily bypass modern encryption, it can also be used to enhance it.
Conclusion
As we move into 2025, the cybersecurity landscape will evolve rapidly. With the rise in LLM-related vulnerabilities, increasingly sophisticated cyberattacks facilitated by AI, a hopeful decline in overused buzzwords, and the potential quantum leap in computing power, businesses face significant challenges and opportunities.
To stay ahead, organisations must prioritise proactive measures such as regular penetration testing, implementing robust security frameworks, and monitoring emerging threats. While the future of cybersecurity may appear daunting, those who focus on resilience, innovation, and preparation will be well-placed to navigate the year ahead.
If you have recently implement LLMs into your business and want to make sure it’s set up securely, book an LLM penetration test today.