As we navigate 2025, the “perimeter” of corporate security has not just moved—it has effectively vanished. For IT managers, the baseline for “advanced threats” has been reset by the industrialization of Generative AI (GenAI) and the exploitation of vulnerabilities that traditional Multi-Factor Authentication (MFA) was never designed to stop.
The following analysis, grounded in 2024 and 2025 research, outlines the three primary frontiers currently stressing enterprise defenses.
1. The Weaponization of Large Language Models (LLMs)
Research from the International Association for Computer Information Systems (2024) and the CrowdStrike 2025 Global Threat Report confirms that GenAI has become a force multiplier for adversaries. Attackers are no longer just sending “better” emails; they are using AI to automate the entire lifecycle of an attack.
- Success Rates: Recent studies indicate that AI-generated phishing emails achieve a 54% click-through rate, compared to just 12% for human-crafted attempts (CrowdStrike, 2025).
- Deepfake Business Email Compromise (BEC): In early 2024, a notable incident involving a $25.6 million fraud highlighted the danger of “Deepfake BEC,” where attackers cloned the voice and video of executives to authorize fraudulent transfers.
2. The Fallibility of MFA and “Session Hijacking”
The 2025 IBM X-Force Threat Intelligence Index and reports from CyberCX (2025) reveal a troubling trend: 75% of BEC attacks now involve bypassing MFA.
- Token Theft over Password Theft: Attackers have shifted from stealing credentials to stealing session cookies. By exfiltrating active session tokens (often via infostealer malware), attackers can bypass the login and MFA process entirely, appearing as an already-authenticated user (SpyCloud, 2025).
- MFA Fatigue: Adversaries now employ “MFA Hammering,” bombarding users with push notifications until they approve the request out of frustration—a tactic that exploits human psychology rather than technical flaws.
3. Adversarial Machine Learning (AML)
As companies integrate AI into their own operations, the models themselves have become targets. Research in MDPI Electronics (2025) highlights the rise of Adversarial Machine Learning.
- Data Poisoning: Attackers inject malicious data into training sets to “teach” an AI to ignore certain threats or misclassify fraudulent behavior.
- Evasion Attacks: By making “imperceptible perturbations” to inputs—such as a subtly modified financial document—attackers can trick a fraud-detection AI into validating a malicious transaction (Obsidian Security, 2025).
Recommendations for Managers
- Move to “Phishing-Resistant” MFA: Traditional SMS or push-based MFA is no longer sufficient for high-risk roles. Research from the Cloud Security Alliance (2025) strongly recommends transitioning to FIDO2-compliant hardware security keys (like YubiKeys) which are mathematically resistant to the “Adversary-in-the-Middle” (AiTM) attacks that currently bypass standard MFA.
- Adopt AI Security Posture Management (AISPM): As you deploy internal AI agents, you must monitor them. Treat your AI models as “identities” with their own permissions. Implement continuous verification to ensure that the inputs your models receive aren’t being manipulated to cause data leakage or unauthorized actions.
References:
- CrowdStrike. (2025). Global Threat Report: How GenAI Powers Social Engineering.
- IBM X-Force. (2025). Threat Intelligence Index.
- SpyCloud. (2025). Annual Identity Exposure Report.
- Wang et al. (2024). The impacts of generative AI in knowledge discovery for cyber defense. IACIS.
- MDPI. (2025). Machine Learning for Cybersecurity: Adversarial Challenges.
