Trend Micro Predicts Emergence of Deepfake-Powered Malicious Digital Twins
Trend Micro (TYO: 4704; TSE: 4704) has released its cybersecurity predictions for 2025, warning about the emergence of AI-powered malicious digital twins and hyper-personalized attacks. The report highlights how breached personal information could be used to train LLMs to mimic individuals' personalities and behaviors, especially when combined with deepfake technology and compromised biometric data.
The company predicts these technologies will enhance business compromise scams, improve targeting of victims, and facilitate the creation of authentic-seeming social media personas for spreading misinformation. Additional concerns include vulnerability exploitation of AI agents, unintended information leakage, and system resource consumption issues.
The report also addresses ransomware threats, predicting attackers will adapt to bypass EDR tools through various techniques. Trend Micro recommends implementing risk-based cybersecurity approaches, leveraging AI for threat intelligence, updating user training, and securing AI technology against abuse.
Trend Micro (TYO: 4704; TSE: 4704) ha rilasciato le sue previsioni sulla cybersecurity per il 2025, mettendo in guardia sull'emergere di gemelli digitali malevoli potenziati dall'IA e attacchi iper-personalizzati. Il rapporto evidenzia come le informazioni personali compromesse possano essere utilizzate per addestrare modelli linguistici di grandi dimensioni (LLM) a imitare le personalità e i comportamenti degli individui, specialmente quando combinate con la tecnologia deepfake e dati biometrici compromessi.
L'azienda prevede che queste tecnologie miglioreranno le truffe di compromissione aziendale, miglioreranno il targeting delle vittime e faciliteranno la creazione di persone autenticamente rappresentative sui social media per diffondere disinformazione. Altre preoccupazioni includono l'esplorazione delle vulnerabilità degli agenti IA, la fuoriuscita involontaria di informazioni e problemi di consumo delle risorse di sistema.
Il rapporto affronta anche le minacce ransomware, prevedendo che gli attaccanti si adatteranno per eludere gli strumenti EDR utilizzando varie tecniche. Trend Micro raccomanda di implementare approcci di cybersecurity basati sul rischio, sfruttare l'IA per l'intelligenza delle minacce, aggiornare la formazione degli utenti e proteggere la tecnologia IA contro gli abusi.
Trend Micro (TYO: 4704; TSE: 4704) ha publicado sus predicciones de ciberseguridad para 2025, advirtiendo sobre la aparición de gemelos digitales maliciosos impulsados por IA y ataques hiperpersonalizados. El informe destaca cómo la información personal comprometida podría utilizarse para entrenar modelos de lenguaje de gran tamaño (LLM) para imitar las personalidades y comportamientos de las personas, especialmente cuando se combina con tecnología deepfake y datos biométricos comprometidos.
La empresa predice que estas tecnologías mejorarán las estafas de compromiso empresarial, optimizarán el enfoque hacia las víctimas y facilitarán la creación de personas auténticamente parecidas en las redes sociales para difundir desinformación. Otras preocupaciones incluyen la explotación de vulnerabilidades de los agentes de IA, filtraciones involuntarias de información y problemas de consumo de recursos del sistema.
El informe también aborda las amenazas de ransomware, prediciendo que los atacantes se adaptarán para eludir las herramientas EDR a través de diversas técnicas. Trend Micro recomienda implementar enfoques de ciberseguridad basados en riesgos, aprovechar la IA para la inteligencia de amenazas, actualizar la capacitación de los usuarios y asegurar la tecnología de IA contra abusos.
트렌드 마이크로 (TYO: 4704; TSE: 4704)는 2025년 사이버 보안 예측을 발표하며 AI 기반의 악성 디지털 쌍둥이와 하이퍼 개인화된 공격의 출현에 경고했습니다. 이 보고서는 유출된 개인 정보가 대규모 언어 모델(LLM)을 훈련시켜 개인의 성격과 행동을 모방하는 데 어떻게 사용될 수 있는지를 강조하며, 특히 딥페이크 기술 및 손상된 생체 데이터와 결합될 때 그렇습니다.
회사는 이러한 기술들이 기업 타격 사기를 강화하고, 피해자 타겟팅을 개선하며, 허위 정보를 퍼뜨리기 위한 믿어지기 쉬운 소셜 미디어 인물의 생성을 용이하게 할 것이라고 예측합니다. 추가적인 우려 사항으로는 AI 에이전트의 취약점 악용, 의도치 않은 정보 유출, 시스템 자원 소비 문제 등이 있습니다.
보고서는 또한 랜섬웨어 위협을 다루며, 공격자들이 다양한 기술을 통해 EDR 도구를 우회하기 위해 적응할 것이라고 예측합니다. 트렌드 마이크로는 위험 기반 사이버 보안 접근 방식을 구현하고, 위협 인텔리전스를 위해 AI를 활용하며, 사용자 교육을 업데이트하고, AI 기술을 남용으로부터 보호할 것을 추천합니다.
Trend Micro (TYO: 4704; TSE: 4704) a publié ses prévisions en matière de cybersécurité pour 2025, mettant en garde contre l'émergence de jumeaux numériques malveillants alimentés par l'IA et des attaques hyper-personnalisées. Le rapport souligne comment les informations personnelles compromises pourraient être utilisées pour entraîner des modèles linguistiques de grande taille (LLM) à imiter les personnalités et les comportements des individus, en particulier lorsqu'elles sont combinées avec la technologie deepfake et des données biométriques compromises.
L'entreprise prévoit que ces technologies amélioreront les escroqueries de compromission d'entreprise, perfectionneront le ciblage des victimes et faciliteront la création de personas crédibles sur les réseaux sociaux pour propager la désinformation. D'autres préoccupations incluent l'exploitation des vulnérabilités des agents AI, les fuites d'informations involontaires et des problèmes de consommation des ressources système.
Le rapport aborde également les menaces de ransomware, prédisant que les attaquants s'adapteront pour contourner les outils EDR par diverses techniques. Trend Micro recommande de mettre en œuvre des approches de cybersécurité basées sur le risque, d'exploiter l'IA pour l'intelligence des menaces, de mettre à jour la formation des utilisateurs et de sécuriser la technologie IA contre les abus.
Trend Micro (TYO: 4704; TSE: 4704) hat seine Cybersecurity-Vorhersagen für 2025 veröffentlicht und warnt vor dem Auftauchen von KI-gestützten bösartigen digitalen Zwillingen und hyper-personalisierten Angriffen. Der Bericht hebt hervor, wie gestohlene persönliche Informationen verwendet werden könnten, um große Sprachmodelle (LLMs) zu trainieren, die Persönlichkeiten und Verhaltensweisen von Individuen nachahmen, insbesondere wenn sie mit Deepfake-Technologie und kompromittierten biometrischen Daten kombiniert werden.
Das Unternehmen prognostiziert, dass diese Technologien Unternehmensbetrügereien verbessern, die Zielauswahl der Opfer verfeinern und die Schaffung authentisch aussehender Social-Media-Personen zur Verbreitung von Fehlinformationen erleichtern werden. Weitere Bedenken sind die Ausnutzung von Schwachstellen bei KI-Agenten, unbeabsichtigte Informationslecks und Probleme mit dem Ressourcenverbrauch des Systems.
Der Bericht behandelt auch Ransomware-Bedrohungen und prognostiziert, dass Angreifer sich anpassen werden, um EDR-Tools durch verschiedene Techniken zu umgehen. Trend Micro empfiehlt die Implementierung risikobasierter Cybersecurity-Ansätze, den Einsatz von KI für Bedrohungsanalysen, die Aktualisierung der Benutzerschulung und den Schutz von KI-Technologien vor Missbrauch.
- None.
- Increased risk of sophisticated AI-powered cyber attacks
- Potential for malicious digital twins to compromise security
- Vulnerability to enhanced business compromise scams
- Risk of AI agent exploitation and system resource consumption
- Growing ransomware threats adapting to bypass security measures
The age of hyper-personalized attacks is almost upon us, warns security leader
To read Trend Micro's cybersecurity predictions for 2025, The Easy Way In/Out: Securing The Artificial Future, please visit: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/the-artificial-future-trend-micro-security-predictions-for-2025
Jon Clay, VP of Threat Intelligence at Trend Micro: "As generative AI makes its way ever deeper into enterprises and the societies they serve, we need to be alert to the threats. Hyper-personalized attacks and agent AI subversion will require industry-wide effort to root out and address. Business leaders should remember that there's no such thing as standalone cyber risk today. All security risk is ultimately business risk, with the potential to impact future strategy profoundly."
Trend's 2025 predictions report warns of the potential for malicious "digital twins," where breached/leaked personal information (PII) is used to train an LLM to mimic the knowledge, personality, and writing style of a victim/employee. When deployed in combination with deepfake video/audio and compromised biometric data, they could be used to convince identity fraud or to "honeytrap" a friend, colleague, or family member.
Deepfakes and AI could also be leveraged in large-scale, hyper-personalized attacks to:
- Enhance business compromise (BEC/BPC) and "fake employee" scams at scale.
- Identify pig butchering victims.
- Lure and romance these victims before handing them off to a human operator, who can chat via the "personality filter" of an LLM.
- Improved open-source intelligence gathering by adversaries.
- Capability development in pre-attack prep will improve attack success.
- Create authentic-seeming social media personas at scale to spread mis/disinformation and scams.
Elsewhere, businesses that adopt AI in greater numbers in 2025 will need to be on the lookout for threats such as:
- Vulnerability exploitation and hijacking of AI agents to manipulate them into performing harmful or unauthorized actions.
- Unintended information leakage (from GenAI)
- Benign or malicious system resource consumption by AI agents, leading to denial of service.
Outside the world of AI threats
The report highlights additional areas for concern in 2025, including:
Vulnerabilities
- Memory management and memory corruption bugs, vulnerability chains, and exploits targeting APIs
- More container escapes
- Older, simpler vulnerabilities like cross-site scripting (XSS) and SQL injections
- The potential for a single vulnerability in a widely adopted system to ripple across multiple models and manufacturers, such as a connected vehicle ECU
Ransomware
Threat actors will respond to advances in endpoint detection and response (EDR) tooling by:
- Creating kill chains that use locations where most EDR tools aren't installed (e.g., cloud systems or mobile, edge, and IoT devices)
- Disabling AV and EDR altogether
- Using bring your own vulnerable driver (BYOVD) techniques.
- Hiding shellcodes inside inconspicuous loaders
- Redirecting Windows subsystem execution to compromise EDR/AV detection.
The result will be faster attacks with fewer steps in the kill chain that are harder to detect.
Time for action
In response to these escalating threats and an expanding corporate attack surface, Trend recommends:
- Implementing a risk-based approach to cybersecurity, enabling centralized identification of diverse assets and effective risk assessment/prioritization/mitigation
- Harnessing AI to assist with threat intelligence, asset profile management, attack path prediction, and remediation guidance—ideally from a single platform.
- Updating user training and awareness in line with recent AI advances and how they enable cybercrime.
- Monitoring and securing AI technology against abuse, including security for input and response validation or actions generated by AI
- For LLM security: hardening sandbox environments, implementing strict data validation, and deploying multi-layered defenses against prompt injection
- Understanding the organization's position within the supply chain, addressing vulnerabilities in public-facing servers, and implementing multi-layered defenses within internal networks
- Facilitating end-to-end visibility into AI agents
- Implementing Attack Path Prediction to mitigate cloud threats
About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend's platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world. www.TrendMicro.com.
View original content to download multimedia:https://www.prnewswire.com/news-releases/trend-micro-predicts-emergence-of-deepfake-powered-malicious-digital-twins-302332058.html
SOURCE Trend Micro Incorporated
FAQ
What are the main cybersecurity threats predicted by TMICY for 2025?
How will AI-powered digital twins pose a threat according to TMICY's 2025 predictions?
What security measures does TMICY recommend for protecting against AI threats in 2025?
How will ransomware attacks evolve in 2025 according to TMICY's predictions?