ISTANBUL

Cyberattacks are changing direction as artificial intelligence (AI) accelerates both the scale and sophistication of threats, with “industry sector” replacing “finance sector” as the most targeted sector in 2025, according to Ilkem Ozar, general manager of Kaspersky Türkiye.

Ozar said financial institutions had long been the primary target of cybercriminals, but the global threat landscape has shifted this year, both in Türkiye and worldwide.

“Industry is now the primary focus of cyberattacks,” Ozar told Anadolu, noting that energy companies, factories and production facilities have left their operational technology (OT) systems underprotected due to years of delayed cybersecurity investment.

This delayed security spending in industrial infrastructure, she said, created an opening for attackers. “In Türkiye, industrial operations were similarly deprioritized, leaving companies exposed.”

“For cyber attackers, industry had effectively become an easy target,” Ozar said. “Throughout 2025, we recorded far more destructive attacks, both espionage-driven and aimed directly at halting production.”

AI makes attacks faster and more convincing

Artificial intelligence has become a force multiplier for attackers, fully embedded in their toolkits, Ozar said, adding that fake identities, phishing emails and social-engineering campaigns have grown markedly more realistic, making exploitation easier and more targeted.

“AI has lowered the barrier to exploiting vulnerabilities and producing customized attacks,” she said, citing the growing use of deepfakes.

Personal data shared online can now be harvested and repackaged into highly convincing messages such as emails appearing to come from a user’s gym or a familiar second-hand marketplace, she informed.

“If you are redirected to another page to complete a purchase or make a payment, that is the moment to be alert,” Ozar warned. “Unfortunately, the era of saying ‘I clicked the link by accident’ is over. The internet brings enormous convenience, but it demands constant vigilance.”

She added that security solutions capable of automatically detecting and warning users about such threats are increasingly essential.

Advanced impersonation, personalized phishing and automated malware development, powered by AI, have emerged as what she called “the defining trend of 2025.”

Security to become a service, not a product

Ozar said corporate cybersecurity strategies will undergo a fundamental shift in 2026, as companies move away from standalone products toward continuous services.

“Security is no longer just software,” she said. “It is a 24/7 monitoring service. XDR, MDR and threat-intelligence services will become standard requirements.”

Once security systems are deployed, organizations must continuously manage alerts and respond to incidents, either through dedicated in-house teams or by outsourcing to vendors and specialized partners, she said.

Managed Detection and Response (MDR), which provides round-the-clock monitoring, threat detection and active response, has seen rapid uptake in Türkiye since the second half of 2025, according to Ozar.

“We are increasingly hearing customers say, ‘We will move to MDR in 2026,’” she said. “Basic security tools are no longer sufficient. Companies are professionalizing their approach.”

‘Those who fall behind get hunted’

Attackers prioritize targets based on time and cost, Ozar said, leaving small and mid-sized companies that underinvest in security particularly vulnerable.

“The cybersecurity environment is like the food chain in the wild,” she said. “Those who fall behind get hunted. If attacking a large organization takes a year, it may take just one day to bring down an unprotected business.”

Energy, industry, telecommunications, healthcare and logistics remain among the most exposed sectors due to the critical nature of their operations, she said, warning that disruptions in healthcare systems could have life-threatening consequences.

Ozar also cautioned that Türkiye’s transition to fully digital invoicing as of Jan. 1, 2026 could trigger a new wave of attacks, particularly via fake invoices sent by email.

“Phishing attempts that say ‘click this link to view details’ will increase,” she underlined. “Both computers and mobile phones must have security solutions capable of detecting phishing.”

Kaspersky Türkiye posts triple-digit growth

Ozar said 2025 has been one of Kaspersky Türkiye’s fastest-growing years, particularly in the corporate segment.

“From 2023 to 2024, we grew 2.5 times. In the nine-month period of 2025, we grew threefold compared with the same period last year, and we expect to close the year with similar momentum,” she said.

Growth came both from market expansion and from winning customers away from competitors, particularly among corporate clients, she added, translating into higher market share and revenue.

Despite layoffs across parts of the technology sector, Kaspersky continued to invest in human capital in Türkiye, Ozar said.

“At a time when many companies were downsizing, we hired new staff and expanded technical teams working with our partners,” she said. “We reinvest our growth back into the country.”