Security

Goldilock warns of destructive potential of AI-powered malware in 2025

Posted 9 January 2025

Network segmentation and isolation specialist, Goldilock, has released its 2025 cyber security threat forecast, outlining the development of AI-powered malware as a sophisticated and adaptive persistent threat to critical infrastructure and sensitive networks, as well as steps both businesses and the public sector can take to help shape future digital security.

Image by Anggalih Prasetya / copyright Shutterstock

The arrival of AI-powered, agentic malware marks a departure from traditional cyber security threats, not least because the self-learning nature of agentic AI allows it to continuously modify its tactics and learn from its environment. Goldilock’s forecast covers the progression of AI-powered malware and demonstrates how the technology will start to employ adaptive evasion, learning from its encounters with different defence systems and autonomously evolving to outsmart the protective measures in place.

The report also details how critical infrastructure is most at risk because the growing interconnectivity of systems and centralisation of data means a successful breach can cause widespread disruption. For the same reason the UK recently added data centres – the backbone of our digital world – to its list of critical infrastructure due to the importance of keeping them safe, particularly from state-sponsored attacks.

Pointing to topical incidents such as BlackMatter ransomware, which employs AI to refine encryption strategies and analyses targets’ defences in real time, and recent Cobalt Strike adaptations, Goldilock’s forecast highlights how AI-powered tactics are developing to adapt to and circumvent the traditional endpoint detection and response (EDR) tools currently in place to protect critical infrastructure, data centres, and sensitive networks.

Stephen Kines, co-founder and COO of Goldilock said: “Across cyber security but most crucially when it comes to protecting critical infrastructure, we’ve got to modify best practices to effectively thwart the more sophisticated threats coming at us this year.

"Network segmentation and the ability to ringfence infrastructure beyond the reach of AI-powered tactics, proactive threat intelligence and private and public sector collaboration; only with all these elements will we be able to effectively counter the attacks of today and tomorrow and keep our networks safe.”