Moody’s warns of escalating cyber threats and credit risks as attackers shift focus to bigger targets.
Hackers are increasingly targeting larger organizations in pursuit of higher profits, a trend that could amplify credit risks and drive up insurance premiums, according to Moody’s “2025 Cyber Outlook.” The report highlights how evolving cyber tactics, fueled by advancements in artificial intelligence (AI), are set to challenge corporate defenses and disrupt global supply chains.
Ransomware and AI: A Dangerous Combination
Moody’s Vice President Leroy Terrelonge emphasized that ransomware attacks are now aimed at larger entities, leading to greater financial and operational impacts. This shift is expected to increase cyber risks for Moody’s-rated organizations and strain cyber insurers, potentially resulting in higher premiums. The recent ransomware attack on supply chain software vendor Blue Yonder underscores this vulnerability, as it disrupted retail, labor, and transportation systems during the critical holiday season.
Generative AI is compounding the issue by enabling attackers to craft highly convincing phishing messages, making it easier to breach even well-defended networks. Larger organizations, despite their advanced cybersecurity measures, face heightened risks due to the complexity of their systems and the presence of outdated infrastructure.
Supply Chain Vulnerabilities and Regulatory Shifts
Supply chains remain a prime target for cybercriminals, who often exploit weaknesses in third-party software suppliers. A single breach can cascade across multiple customers, amplifying the damage. Moody’s also warns that the incoming U.S. administration may roll back cybersecurity regulations, potentially weakening the nation’s defenses and increasing the likelihood of attacks.
A Call for Proactive Measures
The escalating sophistication of cyber threats demands a proactive approach from supply chain leaders. Strengthening third-party risk management, investing in AI-driven cybersecurity tools, and advocating for robust regulatory frameworks will be critical in mitigating these risks. As cyberattacks grow in scale and complexity, the resilience of supply chains will hinge on collaboration and innovation.
