The National Cyber Security Centre (NCSC) recently highlighted several concerns about the increasing impact of AI on cyberattacks over the next two years, emphasizing that it is expected to amplify the frequency and severity of threats, particularly with ransomware. The newly found accessibility of AI lowers the bar of entry for less skilled cybercriminals to gain a seat at the table, particularly for hackers-for-hire and hacktivists.
The NCSC predicted heightened global ransomware efforts in the next few years due to enhanced access and information-gathering combined with AI's improved targeting capabilities. While AI has proven to have vast technological potential, this also means vast potential for new, sophisticated cyberattacks.
Experts have already predicted that stolen and exposed credentials will be the most significant cloud security risk in 2024 after managed detection and response company Espel showed a 72% increase in cloud infrastructure incidents across the last year, with credentials exploitation linked to two in five incidents. Phishing attacks are more available and accessible than ever, so action from cyber professionals is needed urgently to combat these rampant AI-supported attacks.
Mark Appleton, Chief Customer Officer at ALSO Cloud UK, believes that IT professionals can fight fire with fire regarding AI-boosted ransomware threats. "Regarding AI ransomware threats, the bar for phishing has been lowered dramatically. But while AI is aiding your foes, ultimately, it's also your most significant friend for the next wave of cybersecurity.
"Whilst Generative AI cannot replace or replicate creativity, critical thinking and the problem-solving skills that people possess, it is still a vital part of the cybersecurity landscape, not just for attacks but also for defense.
Cybersecurity analyst Gartner stated that, by 2025, more than 50% of software engineering leadership roles will explicitly require oversight of GenAI. Ransomware remains a significant cyber threat to UK organizations in 2024, which has prompted the UK government to invest £2.6 billion in its Cyber Security Strategy to enhance the country's resilience, but turning to GenAI to support overstretched security teams is a sure way to bolster the cyber defenses of individual SMBs.
"Giving security teams an edge is more important than ever when it comes to the new ransomware landscape," Appleton said. "A quality AI solution has the potential to amplify the team's impact and efficiency, catching what others might miss and alleviating otherwise tedious tasks so senior staff can focus on strategic priorities. On the other hand, AI is being used to upkeep relentless spam and phishing attacks; for security teams, these data signals can be easily grouped, summarized, detected, and removed before they cause any harm.
“AI enables security to become much more proactive; you're fighting and winning the battles before they even begin. For cloud infrastructure in 2024, it's important to get ahead of adversaries before they can threaten your business – it's not like they'll show courtesy and wait for you to shore up defenses before beginning their assault. Trusting an AI solution to support your teams gives IT operators the tools to man the fort, block attacks, and ensure business operational continuity."
