Teenagers leading new wave of cybercrime

Global data breaches show no signs of slowing down as this year has already exceeded 2023 in the number of data breaches and consumers impacted, according to Experian.

Younger cybercriminals on the rise

Today, the world of cyber hacking is not confined to grown ups nor is the fallout. According to the FBI, the average age of someone arrested for cybercrime is 19 vs. 37 for any crime. Many teens will have been recruited into the “business” by more sophisticated fraudsters, who reach them through online gaming, chat and social media.

As more states pass legislation against revenge porn, cyberbullying, and other forms of online fraudulent attacks, we may see a dramatic increase in the number of teens prosecuted for hacking and fraud.

As more companies continue to train their employees on the responsible use of AI, we could see a marked increase in the use of that AI education by those very same employees for internal theft, sensitive information sourcing, and much more. Next year could see at least one global brand impacted by fraud perpetrated by an insider to whom it provided educational AI training.

Global cyberattackers have had large data centers in their sights for years, but one clear attack vector has emerged with the exponential growth of consumer and business use of GenAI: power. On average, a single ChatGPT query uses nearly 10 times more electricity to process than a standard Google search. All these entities represent new attack surfaces that could be disrupted by bad actors.

Globally, the problem is exacerbated. Cloud infrastructure and data center technology and security vary wildly from country to country. Within the next year, cyberattackers may successfully jeopardize a nation-state’s cloud infrastructure through an attack on the power needed to run it.

AI-driven cyber incidents set to dominate headlines in 2025

A recent story of hackers being duped by sophisticated malware from a more malicious hacker and losing their funds points to a fast-growing trend in the high-stakes world of cybercrime: the predators becoming the prey. The next year may see a marked increase in hacker-on-hacker attacks either for political or monetary reasons. These incidents highlight how the boundaries between predator and prey in the digital world are increasingly blurred.

AI-driven fraud is increasing in sophistication so quickly that fraudsters will soon be able to create virtually undiscernible proof-of-life documents that will fool even the most discriminating eye or identification system. To combat this evolving reality, nation-states and government agencies could move to dynamic identification that will replace static driver’s licenses and social security cards with dynamic PII that continually changes like an online 3D barcode used for event tickets.

“While supply chain breaches and ransomware dominated the cyber landscape in 2024, AI-related incidents will likely become a major headline maker in 2025,” said Michael Bruemmer, VP of Global Data Breach Resolution at Experian. “Investments in cybersecurity will increase to tackle this emerging threat while hackers are having a field day leveraging it for everything from phishing attacks and password cracking to producing malware and deepfakes.”

“We expect that globally data breaches continue at the current pace next year, with ransomware being even more sophisticated with the use of AI,” added Jim Steven, Head of Crisis and Data Response Services at Experian Global Data Breach Resolution in the United Kingdom. “We may also see threat actors escalating risks to gain greater rewards and the use of consumer data to damage reputations rising in 2025.”