The start of a new year presents a valuable opportunity for organizations and individuals alike to reassess the ever-evolving cyber threats shaping our world. Among the most impactful trends poised to define 2025 are the rapid rise of Artificial Intelligence (AI) and the growing democratization of DDoS attacks as tools of cyber warfare.
Experts from Radware weigh in on these pressing challenges and offer guidance for identifying and dealing with each.
AI: A Double-Edged Sword
Howard Taylor, Radware’s CISO, highlights that AI has become a central player in the cybersecurity field, both as a defense tool and as a growing risk. “You can’t think about raising cybersecurity awareness without keeping an eye on AI,” he says. “While AI has improved incident detection and response capabilities, it has also opened new doors for cybercriminals.”
Applications like ChatGPT and CoPilot have been weaponized by bad actors to not only create more realistic and convincing deepfakes and automated phishing scams and influence campaigns but also launch them more easily at scale. The rapid adoption of these technologies has also created compliance risks that, without proper oversight, can expose companies to legal and financial troubles. “In the absence of proactive monitoring, companies risk overlooking important issues that should have been identified, resolved, and reported,” Taylor warns.
Moreover, AI has complicated the legal landscape, sparking what Taylor refers to as “cyber lawfare” and the increasing business threat of fines, lawsuits, and potential imprisonment. AI applications may unknowingly pull copyrighted material into AI-generated text. Lawfare hunters have tools to identify these breaches and attempt to extract payment from the “copyright violator.” CEOs and boards must now consider this growing regulatory risk as an additional cost of doing business.
Cyber Warfare and the Democratization of DDoS Attacks
Like AI, cyber warfare has played a significant role in reshaping the threat landscape. “You can’t address cybersecurity awareness without addressing the reality of cyber warfare,” Pascal Geenens, Radware’s director of threat intelligence explains. “With more than two years of illegal attacks left unprosecuted following Russia’s invasion of Ukraine and the surge in hacktivism, the threshold into a life of cybercrime has reached a new low. Putting DDoS attacks within the reach of the everyday person is not just for video games. The IT Army of the Ukraine used a similar strategy.”
The group successfully built upon the collective power of volunteers across the globe and in the process became a pioneering force in the democratization of DDoS attacks. “At the same time, they have set the stage for future cyber warfare strategies and reframed what it will take to secure our world going forward,” Geenens added.
As these types of tactics gain traction, future cyber warfare strategies will become even more decentralized and accessible, presenting new challenges for global security.
Critical Infrastructure at Risk
Critical infrastructure has become a top target for malicious DDoS campaigns waged by hacktivists with political and religious motivations. “Organizations must pay special attention to the heightened risks to critical infrastructure,” says Travis Volk, Radware’s senior vice president of global service providers. “Part of raising cybersecurity awareness is being reminded of a rapidly evolving threat landscape, where critical infrastructure is increasingly targeted by foreign adversaries.”
From internet service providers (ISPs) to large telecoms, these entities represent high-value targets for cybercriminals due to the vast amounts of sensitive data they handle and their access to downstream customers. With AI accelerating the speed and sophistication of attacks—ranging from UDP floods to web, bot, and API business logic attacks—companies need to adopt a proactive, agile approach to resilience planning and rapid response. As Volk puts it, “Securing our world from attacks in the future means we must be prepared to evolve alongside them.”
AI in Security: A Crucial Investment
Finally, John Eisenbarger, Radware’s vice president for U.S. carriers and service providers, emphasizes that the growing complexity of cyber threats is pushing more organizations toward managed security services, with AI playing a crucial role in accelerating this transition. “Now is a good time for all organizations to evaluate their AI investment and the critical role AI can play in enhancing their security measures,” Eisenbarger advises.
As the cybersecurity talent gap widens and attacks become more aggressive, AI can serve as a critical force multiplier, allowing organizations to stay competitive against cybercriminals who are already exploiting the technology to their advantage. “Cybercriminals are certainly not waiting to make the most of AI. Industry will need to keep pace,” Eisenbarger adds.
A Call to Action
The rise of AI, the democratization of DDoS attacks, and the threat to critical infrastructure require immediate attention not just during Cybersecurity Awareness Month but throughout the year. It is important to recognize that cybersecurity success hinges on the ability of organizations to quickly evolve their defenses alongside these emerging threats. As AI continues to blur the lines between defense and risk, organizations must be resigned to stay vigilant, adaptable, and proactive.
About the Author
Neal Quinn is Head of Cloud Security, North America at Radware. Neal has over 20 years of experience in the architecture and operation of managed cloud security services and cloud DDoS mitigation. Prior to Radware, Neal was VP of Networks at Akamai, leading the global capacity planning organization and later in his tenure the countermeasures engineering teams for the Security Business Unit, in addition to leading large global capacity buildout programs for the DDoS mitigation scrubbing centers. Prior to its acquisition by Akamai, Neal was the CTO at Prolexic Technologies, leading the SOC, Engineering, Architecture and SERT teams. Neal has extensive experience consulting with large enterprise accounts and facilitating tactical security responses in complex organizations.
Neal can be reached online at https://www.linkedin.com/company/radware and at our company website https://www.radware.com/
