AI likely to increase global ransomware threat in 2024
The National Cyber Security Centre estimates a marked increase in ransomware thanks to the rise of AI and its increased use for crime.
Their recent report, ‘The near-term impact of AI on the cyber threat’ shares a series of key findings, including:
- Artificial intelligence (AI) will almost certainly increase the volume and heighten the impact of cyber attacks over the next two years.
- All types of cyber threat actor – state and non-state, skilled and less skilled – are already using AI, to varying degrees.
- AI provides capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient, and harder to detect.
- More sophisticated uses of AI in cyber operations are highly likely to be restricted to threat actors with access to quality training data, significant expertise (in both AI and cyber), and resources.
It makes sobering reading but there’s also a glimmer of hope.
That hope is that AI will increasingly be used in cyber defence as well as attack. Increased defence capabilities should keep up, if not overtake attacks for a while at least.
James Babbage, Director General for Threats at the National Crime Agency, said:
“Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cyber criminals.
“AI services lower barriers to entry, increasing the number of cyber criminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.
“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of GenAI and ensuring we adopt the technology ourselves where safe and effective.”
AI ransomware threats
The AI ransomware threat landscape is a little muddied right now as people on both sides of the equation figure out what’s possible, what’s likely and what isn’t.
One thing the NCSC did say was AI is lowering the barrier to entry for cybercrime as anyone with the funds and desire could use it to attack.
That’s no different than the rise of Malware as a Service which we have seen over the past couple of years.
In fact, the report mentions GenAI-as-a-service, the use of generative AI to help create ransomware and presumably assist with social engineering.
The NCSC also predicts the use of AI to improve code for malware and to identify areas of vulnerability within networks.
There have been no recorded instances of this yet, but we bet they are out there.
The Bletchley Declaration
The Bletchley Declaration, agreed at the AI Safety Summit at Bletchley Park in November, is a global effort to help manage the risk presented by AI and ensure responsible development.
That’s won’t necessarily stop bad actors going it alone but should restrict their ability to use commercial AI for nefarious purposes.
The light and the tunnel
While the rise of AI-drive ransomware is cause for concern, the good news is that you can still protect yourself from it using good practices.
All the things we currently recommend businesses use to protect against malware will still work against AI-generated malware.
Those good practices include:
- Identify areas of weakness and mitigate against them
- Harden endpoints and secure ports
- Use industry-standard antimalware solutions
- Mandate a robust backup procedure
- Work with IT partners that can provide protection from AI threats
- Keep systems updated
- Create effective policies and procedures
- Perform regular training for staff
- Extra training and awareness on social engineering
That final point is probably the most important in terms of AI. While many threats will be increased due to artificial intelligence, it’s social engineering that will be impacted most.
The ability for AI to quickly create credible emails and messages for social media means we’re likely to see an increase in the quality and quantity of social engineering attacks.
Extra training for awareness and what to look for is going to be essential.
The risks of AI ransomware and other threats may be increasing, but so is our defence capability. Work with an IT partner who takes AI seriously, like Cloud Heroes and you can rest easy knowing some of the best in the business are protecting you from harm.