Samsung SDS analyzed cybersecurity issues that occurred domestically and abroad last year and announced the top five cybersecurity threats to watch out for this year on the 18th.
Samsung SDS noted that it reflected the opinions of over 400 security experts from the corporations in the manufacturing, finance, and logistics sectors as well as the public and defense institutional sectors based on its experience in operating a global security monitoring center.
The company selected the following as the '2025 top five cybersecurity threats': ▲ artificial intelligence (AI) security threats ▲ cloud security threats ▲ ransomware attacks ▲ software supply chain security threats ▲ operational technology/Internet of Things (OT/IoT) security threats.
Samsung SDS stated that as more corporations utilize generative AI, security threats are also increasing. In particular, to respond to phishing attacks or malware damage that exploit AI, there should be the establishment of AI-based threat detection, analysis, and protection systems. The corporation also emphasized that enterprises need to proactively respond to security threats with an 'intelligent security monitoring system' in line with the pace of AI advancements.
Since the COVID-19 pandemic, corporations have been increasingly utilizing cloud infrastructure to adopt new foundational technologies and services such as generative AI and data analytics. However, improper changes to cloud configurations, exposed long-standing 'credentials,' and security settings of existing system versions can lead to security incidents. Samsung SDS conveyed that organizations need to implement a 'security platform suited for cloud environments' to prevent incidents.
Ransomware is evolving into a dual extortion strategy that involves data encryption along with threats to disclose information. Important data and sensitive information could be targeted by ransomware attacks through Ransomware as a Service (RaaS). Samsung SDS advised that corporations should enhance external access and account management, and regularly protect and manage data to prevent ransomware risks.
Recently, corporations are developing and operating software utilizing not only internal resources but also external resources such as open source. However, the risk of malware infiltration increases, which can weaken security. Samsung SDS indicated that corporations should establish proactive response plans concerning audits of the software and information and communication technology (IT) environments, along with preparedness for Software Bill of Materials (S-BOM) management.
Additionally, security threats regarding production facilities connected to the internet and related systems (OT), computing devices and gadgets, and the interconnected environment of things and wearable devices (IoT) are also growing. Especially, unupdated OT/IoT devices are vulnerable to hacker attacks, and breaches can spread to the entire connected network. Samsung SDS highlighted that corporations must adhere to basic principles such as maintaining strong authentication processes and regular security updates.