ISTANBUL — Cyberattacks are evolving as artificial intelligence (AI) increases the scale and sophistication of threats, with the “industry sector” poised to surpass the finance sector as the most targeted domain by 2025, according to Ilkem Ozar, general manager of Kaspersky Türkiye. Ozar noted that while financial institutions have historically been the primary targets for cybercriminals, the global threat landscape has shifted significantly this year, affecting both Türkiye and other countries worldwide.
“Industry is now the primary focus of cyberattacks,” Ozar told Anadolu, highlighting that energy companies, factories, and production facilities have left their operational technology (OT) systems underprotected due to years of delayed cybersecurity investment. This neglect has created vulnerabilities that attackers are increasingly exploiting. “In Türkiye, industrial operations were similarly deprioritized, leaving companies exposed,” she added.
Ozar remarked that 2025 has seen a surge in destructive attacks, both espionage-driven and those aimed directly at halting production. “For cyber attackers, industry has effectively become an easy target,” she said.
AI Makes Attacks Faster and More Convincing
Artificial intelligence has emerged as a critical tool for attackers, becoming fully integrated into their methodologies, Ozar stated. The use of fake identities, phishing emails, and social-engineering campaigns has become markedly more realistic, making exploitation easier and more targeted. “AI has lowered the barrier to exploiting vulnerabilities and producing customized attacks,” she explained, pointing to the increasing prevalence of deepfakes.
Personal data shared online is being harvested and repackaged into highly convincing messages, such as emails that appear to come from familiar services, like a user’s gym or a second-hand marketplace. “If you are redirected to another page to complete a purchase or make a payment, that is the moment to be alert,” Ozar warned. “Unfortunately, the era of saying ‘I clicked the link by accident’ is over. The internet brings enormous convenience, but it demands constant vigilance.”
She emphasized the growing importance of security solutions capable of automatically detecting and alerting users about such threats. Advanced impersonation, personalized phishing, and automated malware development, all powered by AI, represent what she termed “the defining trend of 2025.”
Security to Become a Service, Not a Product
Ozar predicted that corporate cybersecurity strategies will undergo a fundamental shift in 2026, moving away from standalone products toward continuous service models. “Security is no longer just software,” she said. “It is a 24/7 monitoring service. XDR, MDR, and threat-intelligence services will become standard requirements.”
Once security systems are implemented, organizations must actively manage alerts and respond to incidents, either with in-house teams or by outsourcing to specialized vendors. Managed Detection and Response (MDR) services, which provide round-the-clock monitoring and active response, have seen increased adoption in Türkiye since the latter half of 2025. “We are increasingly hearing customers say, ‘We will move to MDR in 2026,’” Ozar noted, stressing that basic security tools are becoming insufficient as companies professionalize their cybersecurity efforts.
Those targets that underinvest in security, particularly small and mid-sized companies, are particularly vulnerable, according to Ozar. “The cybersecurity environment is like the food chain in the wild,” she said. “Those who fall behind get hunted. If attacking a large organization takes a year, it may take just one day to bring down an unprotected business.”
Critical sectors, including energy, telecommunications, healthcare, and logistics, remain particularly exposed due to the vital nature of their operations. She warned that disruptions in healthcare systems could have life-threatening consequences. Ozar also highlighted that Türkiye’s transition to fully digital invoicing on January 1, 2026, could trigger a new wave of attacks, particularly via fake invoices sent through email.
“Phishing attempts that say ‘click this link to view details’ will increase,” she underscored. “Both computers and mobile phones must have security solutions capable of detecting phishing.”
Kaspersky Türkiye Posts Triple-Digit Growth
Despite the challenges, Ozar reported that 2025 has been one of Kaspersky Türkiye’s fastest-growing years, especially in the corporate segment. “From 2023 to 2024, we grew 2.5 times. In the nine-month period of 2025, we grew threefold compared with the same period last year, and we expect to close the year with similar momentum,” she stated.
This growth has resulted from both market expansion and capturing customers from competitors, particularly in the corporate sector, translating into higher market share and revenue. Despite layoffs across parts of the technology sector, Kaspersky has continued to invest in human capital in Türkiye. “At a time when many companies were downsizing, we hired new staff and expanded technical teams working with our partners,” Ozar said. “We reinvest our growth back into the country.”
See also
South African Firms Face 1,800 Weekly Cyberattacks Amid Rising AI Threats, Check Point Reports
CrowdStrike Launches Falcon AIDR to Combat AI Threats with 99% Efficacy
AI Vendors Align on Standards to Enhance Agentic AI Flexibility Amid Bot Crackdown
AI Cyber Threats Surge: 60% of Companies Targeted, Only 7% Use AI Defense Tools
60% of Firms Report AI-Enabled Cyberattacks; Only 7% Use AI Defense Tools, BCG Finds
