Cybersecurity and Disinformation: Navigating the Threat Landscape in 2025

The digital world is facing an increasingly complex threat landscape where cybersecurity and disinformation intersect and intertwine. Bad actors exploit technology, geopolitical instability, and societal vulnerabilities to spread misleading narratives and conduct malicious cyber operations. This convergence demands a comprehensive approach involving technological advancements, heightened awareness, robust security practices, and global cooperation.

Recent Developments

• Disinformation campaigns exploiting current events: False narratives linking the EU Agency for Cybersecurity (ENISA) to power outages and cyberattacks on European banks demonstrate how real-world events are manipulated for disinformation purposes.
• State-sponsored cyberattacks: North Korean operatives are targeting tech companies with sophisticated scams, highlighting the escalating threat of state-sponsored cybercrime.
• Government cybersecurity concerns: Budget cuts and political changes are raising concerns about national cyber defenses in countries like the US.
• Legal battles against spyware: WhatsApp’s legal victory against NSO Group sets a precedent for holding spyware companies accountable.

Key Statistics and Data

• 72% of organizations report increased cyber risks, with ransomware and adversarial AI as primary concerns.
• 42% of organizations experienced phishing and social engineering attacks in 2024, a significant increase.
• Two out of three organizations report moderate-to-critical cyber skills gaps.
• Critical infrastructure remains a prime target, accounting for a substantial portion of reported cybersecurity incidents.
• Over 25% of executives report experiencing deepfake attacks, showcasing the rising threat of AI-powered disinformation.

The Converging Threats

Disinformation is no longer a standalone threat. It’s increasingly used as a tool in cyberattacks, exploiting human trust to deliver malware and achieve malicious goals. This convergence is fueled by several trends:

• Generative AI: Advances in generative AI empower malicious actors to create sophisticated deepfakes and conduct scalable attacks.
• Focus on Critical Infrastructure: Essential services remain vulnerable, with bad actors seeking to cause widespread disruption.
• Supply Chain Vulnerabilities: Weaknesses in supply chains pose a significant challenge to organizational cyber resilience.
• Erosion of Trust: The constant barrage of disinformation erodes public trust, blurring the lines between credible and misleading information.

Expert Insights

Experts emphasize several key points:

• Disinformation should be considered a cybersecurity threat due to its potential for widespread harm.
• A unified approach involving experts from various disciplines is needed to combat disinformation effectively.
• A human-centered approach to cybersecurity is crucial, recognizing that human behavior and trust are often exploited.
• Lessons learned from cybersecurity should be applied to combat disinformation, including investing in best practices and fostering collaboration.

What You Can Do

Protecting yourself and your organization requires a multi-pronged approach:

• Stay informed: Keep up-to-date on the latest trends and threats.
• Practice strong cybersecurity hygiene: Use strong passwords, enable multi-factor authentication, and be wary of suspicious emails and links.
• Promote media literacy: Develop critical thinking skills and learn to identify disinformation.
• Report suspicious activity: Report suspected disinformation campaigns and cyberattacks to the appropriate authorities.
• Support trusted sources: Rely on credible news outlets and fact-checking organizations.

Conclusion

The convergence of cybersecurity and disinformation presents a complex and evolving challenge. By understanding the current landscape, adopting best practices, and working together, we can better navigate this challenging digital environment and mitigate the risks posed by these converging threats.