The AI Cyber Threat: Are We Ready for the Storm of 2025?

In early February 2025, a series of unprecedented cyber incidents, collectively dubbed "Cyberstorm 2025," has sent shockwaves through the global cybersecurity community. These events have highlighted the growing threat of AI-driven cyber attacks and raised critical questions about our preparedness to defend against them.

The Incidents

Between 3 and 9 February 2025, several high-profile breaches occurred, exposing vulnerabilities across various sectors. Key incidents included:

  • WPU 2.0 WordPress Exploit: A sophisticated script targeting WordPress admin panels, sold for $2,000, bypassed even robust firewall protections
  • OpenAI Credential Leak: A massive leak of 20 million user credentials from OpenAI, raising concerns about the security of AI platforms
  • Stolen U.S. Credit Card Data: The sale of U.S. credit card data farmed from networks, highlighting the thriving market for stolen financial information
  • Inkafarma Data Breach: A breach at Inkafarma in Peru, revealing 3.9 million customer details
  • Unauthorised VPN Access: Illicit access to a U.S. oil firm's VPN, underscoring vulnerabilities in critical infrastructure

These incidents come only one week after DeepSeek announced that it had been the victim of a “large-scale” cyber attack, after which it temporarily limited registrations to its app.

The Implications

These incidents underscore the increasing sophistication of cyber threats, particularly those leveraging AI. They also demonstrate that AI is a new attack surface that organisations need a plan to defend. The democratisation of powerful hacking tools, such as the WPU 2.0 exploit, puts advanced capabilities within reach of less skilled actors. The OpenAI credential leak, in particular, has brought the issue of AI platform security to the forefront, with experts warning about the potential for these credentials to be used in highly advanced phishing scams and social engineering attacks.

Are You Prepared?

The question remains: Are we ready for AI-driven cyber attacks? The answer, unfortunately, appears to be no. The recent breaches have exposed deep flaws in our cybersecurity defences, particularly in sectors like tech, finance, and critical infrastructure. As AI continues to evolve, so too will the methods used by cybercriminals, making it imperative for organisations to stay ahead of the curve. Many organisations are still in the early stages of designing their corporate AI program, with the realisation dawning that regardless of their progress, AI is in the organisation already, as employees have access to new technologies almost weekly.

Improving your defences: A Path Forward

To mitigate these threats, organisations must adopt a proactive approach to cybersecurity and evolve their cyber defence strategies in response to the large-scale take up of generative AI.

This includes:

  1. New cyber threats: Update the controls uplift plan to account for the new threats that AI has created for the organisation, such as deepfakes, better phishing, and a higher risk of data loss through employee use of open source Large Language Models (LLMs).
  2. Safe deployment of AI: Establish guardrails for the organisation’s use of generative AI, and publish and enforce acceptable use standards across the organisation. Embed professionals from the cyber function into the AI use case development program to enable them to assess risks and impacts in real time.
  3. AI to enhance the cyber function: Consider where best to embed the use of AI in cyber defence, including rolling out AI functionality in third party cyber software the organisation already consumes, as well as developing specific cyber defence use cases, prioritising the areas of identity and access management, threat detection and response and data protection.
  4. Monitor for shadow AI: Focus on deploying tooling to monitor for and manage corporately unapproved AI usage (“shadow AI”) to protect corporate information and minimise the risk of corporate exposure should one of these AI models become the victim of a cyber attack.
  5. Step up employee cyber awareness training: Educate employees about the additional cyber risks that AI creates, encouraging them to use in-house ring-fenced AI models rather than public ones when performing their work.

Cyberstorm 2025 has to serve as a wake-up call for the global cybersecurity community. As we move forward, it is crucial to recognise the growing threat of AI-driven cyber attacks and take the necessary steps to protect our digital infrastructure. The future of cybersecurity, as well as the continued adoption of AI more generally, depends on our ability to adapt and innovate in the face of these evolving challenges.

This article was co-written and shared by my colleague Katherine Boiciuc.

The views expressed in this article are the views of the author, not Ernst & Young. This article provides general information, does not constitute advice and should not be relied on as such. Professional advice should be sought prior to any action being taken in reliance on any of the information. Liability limited by a scheme approved under Professional Standards Legislation.

Santosh Nair

Partner Sales I Driving growth, innovation and transformation I Go-To-Market for Digital, Data AI and Cloud solutions I Strategic alliance with Microsoft, AWS, Google, SAP, ServiceNow I Large deals I C- level I APAC

1 week

Wonderful insights, Rich ... EY's 'Cyber for AI' consulting framework is a great step forward in this endeavor

Cyberstorm 2025 is a wake-up call! AI-driven attacks are evolving fast, and proactive defenses like monitoring shadow AI and using AI for cyber defense are a must. Great insights!

Tim Madin

EY Strategic Communications | PR and Engagement Leader | Trusted C-Suite Advisor | Creative People Manager | PROSCI Certified Change Professional

2 weeks

Richard an insightful post. The rise of cyberattacks is a huge concern - what a wake up call! The key is having a proactive strategy and awareness are more essential than ever. Thanks for sharing these actionable tips!

Virag Jain

Go-to-Market, Strategy, Business Development, Sales Enablement, Insights, Communication and Senior Stakeholder Management.

2 weeks

Indeed, Cyberstorm 2025 has once again underscored that this is an ongoing battle, necessitating our constant vigilance and preparedness. Great insights Richard Watson and Katherine Boiciuc.
