close
close

Association-anemone

Bite-sized brilliance in every update

Artificial Intelligence-Assisted Attacks Biggest Cyber ​​Threat, Gartner Finds
asane

Artificial Intelligence-Assisted Attacks Biggest Cyber ​​Threat, Gartner Finds

For the third consecutive quarter, Gartner has found that organized cyber attacks using artificial intelligence are the biggest risk to businesses.

The consulting firm surveyed 286 senior risk and insurance executives from July to September, and 80 percent cited malicious AI attacks as the top threat they were concerned about. This is not surprising, as evidence suggests that AI-assisted attacks are on the rise.

Other frequently cited emerging risks presented in the report include AI-assisted disinformation, growing political polarization, and misaligned organizational talent profiles.

Attackers use AI to write malware, create phishing emails, and more

In June, HP intercepted an email campaign spreading malware in the wild with a script that “It was very likely written with the help of GenAI.” The VBScript was well structured and each command had a comment, which would prove an unnecessary effort for a human to write.

The researchers then used GenAI to produce a script and found similar results, suggesting that the original malware was at least partially generated by AI.

SEE: 20% of AI generative “Jailbreak” attacks are successful

Number of business email compromise attacks detected by security firm Vipre in the second quarter were 20% higher than in the same period in 2023 and two-fifths of them were generated by AI. Top targets were CEOs, followed by HR and IT staff.

Usman Choudhary, Chief Product and Technology Officer, VIPRE, said in press release: “Malefactors are now using sophisticated AI algorithms to craft convincing phishing emails, mimicking the tone and style of legitimate communication.”

Retail sites alone averaged 569,884 AI led attacks every day from April to September, according to Imperva Threat Research. The researchers said tools such as ChatGPT, Claude and Gemini, as well as special bots that scrape websites for LLM training data, are being used to conduct distributed denial-of-service attacks and business logic abuse, for example.

Several ethical hackers admit to also using GenAI with the proportion increased from 64% to 77% in the past yearaccording to a report from BugCrowd. These researchers say it helps with channel-of-death attacks, bug injection attacks, and automating parallelized attacks to breach multiple devices simultaneously. But if the “good guys” find AI valuable, so do the bad actors.

The increase in these attacks should come as no surprise

AI can lower the barrier to entry for cybercrimebecause less skilled criminals can use it to generate deepfakes, scan networks for entry points, reconnaissance and more. Researchers from ETH Zurich recently created a model that could solve Google’s reCAPTCHAv2 puzzles used to distinguish between humans and bots 100% of the time.

Analysts at security firm Radware predicted earlier this year that this new accessibility would lead to development of private GPT models used for nefarious purposes. They also predicted that the number of zero day exploit and deepfake scams would increase as malicious actors become more proficient with LLMs and generative adversarial networks.

indeed Mandiant from Google tracked a total of 97 zero-day vulnerabilities that were discovered and exploited in 2023, marking a 56% increase. from a year earlier. Last month, Microsoft listed deepfakes among the most important types of attacks used by increasingly prolific ransomware groups.

SEE: AI Deepfakes growing as a risk for APAC organizations

Executives are also concerned about over-reliance on IT vendors

IT vendor criticality also made Gartner’s list of top concerns among senior risk and assurance executives for the first time this quarter.

Zachary Ginsburg, senior research director in the Gartner Risk and Audit Practice, said in a Gartner press release: “Customers with a single-vendor concentration of services may face increased risks in the event of disruptions or unanticipated changes in services. depending on new regulations or legal decisions in the EU, US or elsewhere.”

He hinted The July CrowdStrike incidentwhich disabled approximately 8.5 million Windows devices worldwide and caused massive disruption to emergency services, airports, law enforcement agencies and other critical organizations.

SEE: What is CrowdStrike? Everything you need to know

“Because third parties, such as SaaS providers, rely on other providers, organizations may not realize the full extent of their exposure,” Ginsburg added. Gartner estimates that 45% of businesses globally will have suffered attacks on their software supply chains until 2025.