The Rising Tide of Cyberattacks with AI You Need to Watch for in 2024
Your organization’s data is a gold mine not just for your company but also for cybercriminals looking to mine and profit from it. While AI technology can certainly offer benefits in the realm of cybersecurity—streamlining threat detection capabilities, analyzing vast amounts of data, and automating incident response protocols—it also has the potential to be weaponized by cybercriminals.
In particular, cybercriminals have begun leveraging AI technology to seek out their targets more easily, launch attacks at greater speeds and in larger volumes, and wreak further havoc amid these attacks. Here are five ways hackers are using AI to hunt your organization’s data quite literally and metaphorically:
- Deploying social engineering scams: Generative AI tools make it easier to create better and more appealing social engineering messaging (e.g., emails, texts, and phone calls) to trick targets into unknowingly sharing sensitive information or downloading harmful software. Some of the advancements in AI for social engineering include:
  - Better phishing emails/SMS: Creating effective phishing emails has never been easier. Generative AI is being leveraged to create emails and calls to action that are very likely to have the most impact. Consider, for example, that users often learn to spot phishing emails by looking for grammar mistakes. AI-powered grammar checkers like Grammarly/ChatGPT/Gemini can help attackers improve their writing.
  - Deep Fakes: We’ll see AI tools used to generate video or audio that is hard to distinguish from real humans. Authentication based on voice and similar signals is going to have to work harder.
  - Fake Media: In the era of “I have the receipts”, we’ll see AI used to generate false screengrabs of social conversations, such as WhatsApp images and even emails, and fake pictures; you will find yourself juxtaposed in places you never were, complete with your favorite actions/people.
  - AI poisoning: Tricking your security systems with false context and data sets. For example, using a hijacked user account to log into a system every day at 2 a.m. to do innocuous work makes the system think that there’s nothing suspicious about working at 2 a.m. and reduces the security hoops the user has to jump through.
- Cracking credentials: A recent cybersecurity report found that some AI tools are capable of cracking more than half of common passwords in under a minute and over two-thirds of such credentials in less than a day. Those using pas$w0rd as their password and using it across multiple platforms are in for a rude shock.
- Writing harmful code: AI chatbots are now able to generate illicit code in a matter of seconds, permitting cybercriminals with varying levels of technical expertise to launch malware attacks with ease.
- Identifying digital vulnerabilities: AI technology could permit cybercriminals to detect a wider range of software flaws and vulnerabilities they can exploit, such as unpatched code or outdated security programs, therefore providing additional avenues and entry points for launching attacks.
- Reviewing stolen data: With AI technology, cybercriminals can analyze vast amounts of stolen data much faster, allowing them to make quick decisions and speed up the total time it takes to execute their attacks.
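The 2 a.m. scenario from the AI poisoning item above can be replayed against a login-hour baseline to show why a profile that learns from every event goes quiet, and how refusing to learn from flagged events keeps the alert alive. This is an added example, not part of the original article; the class names, window size, threshold and login history are constructed assumptions.

```python
from collections import Counter, deque

WINDOW = 30     # logins kept in the baseline profile (assumed value)
MIN_COUNT = 3   # an hour is "usual" once seen this often in the profile (assumed)

def is_usual(profile, hour):
    """True when `hour` appears at least MIN_COUNT times in the profile."""
    return Counter(profile)[hour] >= MIN_COUNT

class RollingBaseline:
    """Naive detector: learns from every login, including the ones it flagged."""
    def __init__(self, vetted_history):
        self.window = deque(vetted_history, maxlen=WINDOW)

    def observe(self, hour):
        flagged = not is_usual(self.window, hour)
        self.window.append(hour)          # absorbs the event unconditionally
        return flagged

class PinnedBaseline:
    """Hardened variant: flagged logins are never learned automatically."""
    def __init__(self, vetted_history):
        self.profile = deque(vetted_history, maxlen=WINDOW)

    def observe(self, hour):
        flagged = not is_usual(self.profile, hour)
        if not flagged:
            self.profile.append(hour)     # only already-usual behaviour refreshes the profile
        return flagged

    def approve(self, hour):
        """Explicit re-baselining after a reviewer has verified the new pattern."""
        self.profile.extend([hour] * MIN_COUNT)

def flagged_days(detector, days=14, odd_hour=2, normal_hour=9):
    """Replay one odd-hour and one normal login per day; return the days the odd one was flagged."""
    hits = []
    for day in range(1, days + 1):
        if detector.observe(odd_hour):
            hits.append(day)
        detector.observe(normal_hour)
    return hits

# Constructed sample: 30 vetted logins (hour of day), all during office hours.
VETTED = [8, 9, 10] * 10

if __name__ == "__main__":
    print("rolling baseline flagged days:", flagged_days(RollingBaseline(VETTED)))
    print("pinned baseline flagged days: ", flagged_days(PinnedBaseline(VETTED)))
```

With this sample the rolling baseline stops alerting after the third day, while the pinned baseline keeps flagging the 2 a.m. login until someone calls `approve`.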
So what am I saying, or am I just selling fear?
Yes. With regulators imposing huge fines for breaches, never mind the impact on your business and the costs of operations, the AI-driven cyber threats in 2024 will need your attention. A good starting point is to see how the changing landscape is going to impact your company in 2024, and then evaluate and assess measures to safeguard your company.
A simple solution involves upholding proper cyber hygiene for your users and systems. Such hygiene refers to habitual practices that promote the safe handling of critical workplace information and connected devices. These practices can help keep networks and data protected from various AI-driven cyber threats. Here are some key components of cyber hygiene for businesses to keep in mind that we are able to help with:
- Deploy Multi-Factor Authentication: The second factor is what could stop the final domino from falling, and we insist all organizations “force this on all users”, and not just via SMS; use app-based multi-factor or keys where possible.
- Deploy Context-Aware Access: This is a measure that restricts access or actions to your company systems or applications based on context, such as location, IP addresses, device types, etc. So when access or actions occur outside this context, access is refused.
- Back up business data (multi-cloud) on a regular basis. Don’t put all your eggs in one basket/location/vendor. Our approach is to deliver a multi-cloud backup system that encrypts your data and gives full restore, retention, and access control for backup locations. We deliver a Grandfather→Father→Child backup strategy as follows: a full backup (at the start) → an incremental backup (daily/weekly) → a differential backup (at staggered times, say quarterly).
- Have a plan for your data, threats, and recovery: Being attacked is now a matter of when, not if, and having a cyber incident response plan can help your business ensure it has the necessary protocols in place when cyberattacks occur, thus keeping related damages at a minimum. Besides, this is what is mandated by the Office of the Data Protection Commissioner (ODPC). Your plans should be well-documented and should include details of the data you collect, process, and store about your stakeholders so you are able to assess the impact of damage when it happens and remain in compliance with the requirements of ODPC. Such data can include:
  - Types of Data Collected
  - Technical Information
  - Risks and Safeguards
  - Authorization and Access Control
  - Data Loss Prevention Measures
  - Organizational Safeguards, including internal threats (the biggest weak points are internal employees), training, and disciplinary measures.
- Purchase coverage (and pray): Purchase cybersecurity insurance to safeguard against losses that may arise from attacks. It’s best for businesses to consult trusted insurance professionals to discuss specific coverage needs.
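One way to express the context-aware access item from the list above as a fail-closed check on location, IP address and device type. This is an added example, not the article's or any vendor's code; the policy fields, the networks (documentation ranges), the country code and the device labels are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    allowed_networks: tuple          # CIDR strings the organization trusts
    allowed_countries: frozenset     # ISO country codes
    allowed_device_types: frozenset  # labels assigned by device management

def evaluate(policy, request):
    """Return (allowed, reasons). Missing or malformed context is refused."""
    reasons = []
    try:
        ip = ipaddress.ip_address(str(request.get("ip", "")))
        nets = (ipaddress.ip_network(n) for n in policy.allowed_networks)
        if not any(ip in net for net in nets):
            reasons.append("ip outside allowed networks")
    except ValueError:
        reasons.append("ip missing or malformed")
    if request.get("country") not in policy.allowed_countries:
        reasons.append("country not allowed")
    if request.get("device_type") not in policy.allowed_device_types:
        reasons.append("device type not allowed")
    return (not reasons, reasons)

# Constructed policy and requests (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
POLICY = Policy(
    allowed_networks=("203.0.113.0/24", "2001:db8:10::/48"),
    allowed_countries=frozenset({"KE"}),
    allowed_device_types=frozenset({"managed_laptop", "managed_phone"}),
)
IN_CONTEXT = {"ip": "203.0.113.25", "country": "KE", "device_type": "managed_laptop"}
OUTSIDE_IP = {"ip": "198.51.100.7", "country": "KE", "device_type": "managed_laptop"}
NO_DEVICE = {"ip": "203.0.113.25", "country": "KE"}

if __name__ == "__main__":
    for name, req in (("in context", IN_CONTEXT), ("outside ip", OUTSIDE_IP), ("no device", NO_DEVICE)):
        allowed, reasons = evaluate(POLICY, req)
        print(f"{name}: {'allow' if allowed else 'refuse'} {reasons}")
```

Returning the reasons alongside the decision lets the refusal be logged and reviewed, which matters when a valid password is presented from outside the expected context.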
Closing Remarks
The law of unintended consequences is that actions always have effects that are unanticipated or “unintended.” The same can be said of the rise of AI technology adoption, which is likely to contribute to rising cyberattack frequency and severity, an unintended consequence we all have to deal with!
Our Cloud Security Assessment and Audit practice specializes in reviewing vulnerabilities across your infrastructure, from email systems to applications, ensuring a comprehensive defense strategy. Our passion for security drives us to equip businesses like yours with the tools and insights needed to navigate the evolving threat landscape. And to kickstart the year on a secure note, we’re extending an offer for a complimentary cloud security assessment audit for your organization.