EDITOR ’ S QUESTION
HOW IS GENERATIVE AI FACILITATING MORE SOPHISTICATED CYBERATTACKS AND HOW CAN ORGANISATIONS PREVENT AGAINST THIS ?
Acronis , a global leader in cyber protection , has released the findings of its mid-year cyberthreats report , From Innovation to Risk : Managing the Implications of AI-driven Cyberattacks . The comprehensive study , based on data captured from more than 1 million global endpoints , provides insight into the evolving cybersecurity landscape and uncovers the growing utilisation of Generative Artificial Intelligence ( AI ) systems , such as ChatGPT , by cybercriminals to craft malicious content and execute sophisticated attacks .
“ The volume of threats in 2023 has surged relative to last year , a sign that criminals are scaling and enhancing how they compromise systems and execute attacks ,” said Candid Wüest , Acronis VP of Research . “ To address the dynamic threat landscape , organisations need agile , comprehensive , unified security solutions that provide the necessary visibility to understand attacks , simplify context and provide efficient remediation of any threat , whether it be malware , system vulnerability and everything in between .” avoiding detection in traditional antivirus models and public ransomware cases have exploded relative to last year . Acronis-monitored endpoints are picking up valuable data about how these cybercriminals operate and recognises how some attacks have become more intelligent , sophisticated and difficult to detect .
Drawing from extensive research and analysis , key findings from the report include :
• Acronis blocked almost 50 million URLs at the endpoint in Q1 2023 , a 15 % increase over Q4 2022 .
• There were 809 publicly mentioned ransomware cases in Q1 2023 , with a 62 % spike in March over the monthly average of 270 cases .
• In Q1 2023 , 30.3 % of all received emails were spam and 1.3 % contained malware or phishing links .
• Public AI models are proving an unwitting accomplice for criminals looking for source code vulnerabilities , creating attacks and developing fraud prevention-thwarting attacks like deep fakes .
According to the report , phishing is the primary method criminals use to unearth login credentials . In the first half of 2023 alone , the number of email-based phishing attacks has surged 464 % when compared to 2022 . Over the same frame , there has also been a 24 % increase in attacks per organisation . In the first half of 2023 , Acronis-monitored endpoints observed a 15 % increase in the number of files and URLs per scanned email . Cybercriminals have also tapped into the burgeoning Large Language Model ( LLM ) -based AI market , using platforms to create , automate , scale and improve new attacks through active learning .
Cybercriminals are becoming more sophisticated in their attacks , using AI and existing ransomware code to drill deeper into victims ’ systems and extract sensitive information . AI-created malware is adept at
Traditional cybersecurity methods and lack of action let attackers in , the report shares :
• There is a lack of strong security solutions in place that can detect zero-day vulnerability exploitations .
• Organisations often fail to update vulnerable software in a timely manner , long after a fix becomes available .
• Linux servers face inadequate protection against the cybercriminals who are increasingly going after them .
• Not all organisations follow proper data backup protocol , including the 3-2-1 rule .
Acronis emphasises the need for proactive cyber protection measures . Leveraging an advanced solution that combines AI , ML and behavioural analysis can help mitigate the risks posed by ransomware and data stealers .
34 INTELLIGENTCIO EUROPE www . intelligentcio . com