Armis has released its third annual State of Cyberwarfare and Trends Report, incorporating survey data from thousands of IT and security professionals worldwide. The report provides in-depth insights into the evolving cyber threat landscape, aiming to encourage organisations to proactively strengthen their cyber defences and adapt to increasingly sophisticated threats.
The 2025 edition, "Warfare Without Borders: AI's Role in the New Age of Cyberwarfare", delves into the escalating role of artificial intelligence in cyber conflicts, highlighting how AI is transforming both offensive cyberattacks and defensive strategies. Due to exponential technological advancements, most notably AI and quantum computing, the lines between traditional warfare and cyber conflict have blurred, and entire organisations are vulnerable, with nations caught in a digital crossfire.
The report highlights a massive shift in perception, with over 87% of IT decision-makers now concerned about the impact of cyber warfare on their organisations, a huge rise from 54% in Armis' last report. Geopolitical uncertainty, armed conflicts, and a seismic shift in the 2024 election cycle have fuelled this concern. However, the most significant driver is AI, which is dramatically escalating the scale and sophistication of cyber threats, from large-scale ransomware attacks to full-on cyber-physical attacks impacting critical infrastructure. It's this convergence of geopolitical unrest and technological risk that is so concerning.
Worryingly, only 33% of IT decision-makers strongly agree that their organisation is prepared for cyber warfare. Cyber warfare, and the weaponisation of AI, raises the stakes higher still, pushing the boundaries of what's possible in terms of disruption, deception, and damage.
Almost two-thirds (64%) of IT leaders agree that generative AI (GenAI) challenges the geopolitical balance, allowing smaller nations and non-state actors to emerge as near-peer cyber threats. These actors harness tools like large language models (LLMs) and ChatGPT to exploit weaknesses in critical infrastructure such as energy grids and water systems. With these new technologies, attackers are able to clone voices, manipulate narratives, and spread disinformation like never before.
The fusion of geopolitical tension and AI-powered cyber tools is already wreaking havoc across nations and sectors. For example, despite repelling many cyberattacks during the 2024 Olympics, France faced a wave of AI-generated disinformation to undermine trust in its infrastructure. In the US, the 2024 Change Healthcare breach compromised data from 190 million Americans, showing how ransomware attacks, often powered by GenAI automation, are crippling entire industries. Meanwhile, the average ransomware payout in the EU automotive sector reached €12.8 million, the highest across all industries, with attacks focused on high-value, operationally critical systems.
Additionally, over two-thirds of Australian businesses have been hit by ransomware, with ransom payments climbing higher by the day. The ACN’s inaugural State of the Industry 2024 report – which drew on 30 unique datasets – further saw the average ransom payment climb to $1.35 million, up from $1.03 million in 2023. The U.S. and Australia top the list, with an average payout of $10.1 million, with 1 in 10 companies (10%) reporting payments exceeding $10 million.
With the cost of inaction mounting, the stakes have never been higher. Organisations that fail to take proactive measures risk their bottom line and the trust and safety of their customers and partners.
The cyber security gap, the divide between the speed and sophistication of cyber threats and our ability to defend against them, is certainly nothing new as organisations struggle with remote environments, huge volumes of data and legacy security systems. 85% of IT decision-makers reported that offensive techniques regularly bypass security tools, showing that traditional methods are no longer enough. The problem is that this gap is getting bigger. As AI enables attackers to automate their efforts and scale faster than ever, organisations must find a way to fight back.
Fortunately, while AI is a big part of the problem, it also holds part of the solution. 94% of decision-makers say they wish they had AI tools to assist them, recognising its potential to strengthen defences. However, without the proper support, the gap between AI's offensive and defensive capabilities will only continue to grow, leaving businesses increasingly vulnerable.
In Australia, the picture is similar, with considerable concern around GenAI and its potential to disrupt the geopolitical status quo. While 85% of those surveyed in Australia agree that their organisation is actively investing in security tools to stay ahead of emerging AI-powered threats, over half (57%) admit their organisation lacks the expertise to implement and manage AI-powered security solutions. Meanwhile, 56% confirmed that their organisation had been hacked previously and could not adequately secure its ecosystem. To keep pace with this new reality, organisations must go beyond reactive measures, proactively investing in AI-driven security strategies to close the growing cyber gap before it becomes unmanageable.
The reality of modern cyberwarfare is that every organisation is at risk, and defending infrastructure has become a societal and economic imperative. AI enables adversaries to move faster, target more precisely, and bypass traditional defences, meaning legacy tools and manual oversight are no longer sufficient to secure digital environments. However, AI is also the key to fighting back.
Ultimately, the only way to counter AI-driven attacks is with AI-powered defence. Instead of relying on outdated, siloed security strategies, organisations must adopt comprehensive, real-time cyber exposure and risk management, using information and intelligence to close vulnerabilities and stay one step ahead. By implementing proactive threat detection, robust risk management, and collaborative defence strategies, organisations can move towards holistic security and strengthen their security posture.
As the digital threat landscape evolves and AI-driven cyberattacks grow more sophisticated, it's time to act. Contact the experts at Infotrust today for a security planning session and explore how we can partner with you to safeguard your business against AI-powered cyber threats.
