Every year, Sophos puts out an expected threat profile based on events, etc.
I won't bother summerizing their report, as it's available for free at the external link above, and it's quite interesting to read. From the linked page:
"The gloves came off in 2022. While Russia-based threat actor groups spread misinformation and launched multiple cyberattacks against Ukraine, China-based (and likely sponsored) threat actor groups attacked hardware security products made by nearly every company in the cybersecurity and infrastructure industries.
During this time, the cybercriminal economy has increasingly transformed into an industry. Information technology companies have shifted to “as-a-service” offerings, and the cybercrime ecosystem has done the same. Access brokers, ransomware, information-stealing malware, malware delivery, and other elements of cybercrime operations have lowered barriers to entry for would-be cybercriminals."