Black Hat 2025: How AI Is Changing the Security Game | eWeek

AI Might Give Security Defenders an Advantage: Researcher Explains During Black Hat 2025 Keynote

Cybersecurity researcher Mikko Hypponen delivering his keynote address during the Black Hat event on August 6, 2025 in Las Vegas.

Cybersecurity researcher Mikko Hypponen delivering his keynote address during the Black Hat event on August 6, 2025 in Las Vegas. Image: Matt Gonzales/TechnologyAdvice

Écrit par
Matt Gonzales
Matt Gonzales
Aug 7, 2025
3 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

Cybersecurity has come a long way. But the attackers haven’t stopped adapting.

That was the core message of Mikko Hypponen’s keynote Wednesday at Black Hat 2025, where the longtime researcher walked the audience through three decades of malware history, shifting motivations, and what defenders need to prepare for next.

In a talk titled “Three Decades in Cybersecurity: Lessons Learned and What Comes Next,” Hypponen reflected on the earliest viruses of the late 1980s — often written by pranksters for notoriety — and contrasted them with today’s financially motivated, targeted, and professionalized attacks.

“We don’t fight viruses anymore,” Hypponen told the crowd. “They’re no longer a thing. Yes, we have malware. But we almost never have malware that spreads automatically… Today’s attacks are quite different.”

The turning point in cybercrime

Hypponen, the chief research officer at WithSecure, has stood at the frontlines of cyber defense since 1991.

He’s tracked — and helped neutralize — some of the world’s most devastating digital threats: Code Red, Slammer, Conficker, Stuxnet, WannaCry, LockBit, and more. In fact, his team was the first to stop the infamous ILOVEYOU worm.

Early viruses, he explained, were often written by teenage boys looking to cause mischief; this involved surprising users with animations, messages, or system disruptions for fun. That changed with the rise of the internet and then again around 2003, which Hypponen called the biggest turning point in cybercrime: the moment malware became monetized.

“We started seeing malware that wasn’t just annoying — it was profitable,” he said.

Banking trojans, ransomware, and targeted attacks quickly followed, with sophisticated operations emerging across the globe. Today’s cybercrime gangs are branded, well-funded, and focused. They launch attacks with the goal of making millions… quietly.

“If your malware ends up on the front page of CNN, you’ve failed,” Hypponen noted. “Today’s attackers don’t want publicity. They want money.”

He pointed to the rise of ransomware, including attacks from North Korea, and organized groups like Alpha, as a major escalation. These attackers exploit vulnerable VPN servers, phish users, and often use cryptocurrency for untraceable payments. High-profile victims now include hospitals, casinos, schools, and governments.

“Nobody believes they’ll be the next one,” he added, “but anyone can be.”

AI and the new balance of power

Despite the rise of ransomware and digital extortion, Hypponen closed his keynote on a hopeful, if nuanced, note: Security today is better than ever.

“It doesn’t feel like it,” he acknowledged, “but if you step back and think about where we’ve been and where we are today, it’s like night and day.”

He cited locked-down platforms like the iPhone and Xbox as examples of how far defensive technology has come. But attackers have evolved, too. When systems are hardened, they go after people instead — phishing users, exploiting weak endpoints, and bypassing security layers by social engineering rather than brute force.

“If it’s smart, it’s vulnerable,” Hypponen reminded the audience.

Increasingly, defenders are turning to AI to level the field. While attackers may use AI for scanning and automation, Hypponen believes it’s one of the few areas where defenders may currently hold the advantage. From identifying zero-day vulnerabilities to improving threat detection in real time, AI is reshaping the frontlines.

“AI is the key,” he said. “It’s the biggest technological revolution I’ve seen in my life.”

But even the smartest tools require the right environment to succeed. Black Hat founder Jeff Moss, who introduced Hypponen, maintained that culture remains critical. Without the right foundation, he said, even the best strategies can fail.

“If the culture of your company isn’t right, strategy doesn’t matter,” Moss said. “Don’t go writing strategies that have no chance of surviving your culture.”

Editor’s note: This news article was first published on our sister site TechRepublic.

Matt Gonzales

Matt Gonzales is the Managing Editor of Cybersecurity for eSecurity Planet. An award-winning journalist and editor, Matt brings over a decade of expertise across diverse fields, including technology, cybersecurity, and military acquisition. He combines his editorial experience with a keen eye for industry trends, ensuring readers stay informed about the latest developments in cybersecurity.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.