Managing The Effects Of AI-Driven Cyber Attacks

Leading cyber protection firm, Acronis, has released the findings of its Mid-Year Cyberthreats Report, called From Innovation to Risk: Managing the Implications of AI-driven Cyberattacks. The is based on data captured from more than one million global endpoints, provides insight into the evolving cyber security landscape and uncovers the growing use of generative Artificial Intelligence (AI) systems, such as ChatGPT, by cyber criminals to craft malicious content and execute sophisticated attacks.

The biannual threat report highlights ransomware as the dominant risk to small and medium-sized businesses. And while the number of new ransomware variants continues to decline, ransomware attacks' severity remains significant. 

Equally concerning is the growing prominence of data stealers, who leverage stolen credentials to gain unauthorised access to sensitive information. “The volume of threats in 2023 has surged relative to last year, a sign that criminals are scaling and enhancing how they compromise systems and execute attacks,” said Candid Wüest, Acronis VP of Research. “To address the dynamic threat landscape, organisations need agile, comprehensive, unified security solutions that provide the necessary visibility to understand attacks, simplify context, and provide efficient remediation of any threat, whether it may be malware, system vulnerability, and everything in between.”

According to the report's findings, phishing is the primary method criminals leverage to unearth login credentials. In the first half of 2023 alone, the number of email-based phishing attacks has surged 464% when compared to 2022. 

Over the same frame, there has also been a 24% increase in attacks per organisation. In the first half of 2023, Acronis-monitored endpoints observed a 15% increase in the number of files and URLs per scanned email. Cyber criminals have also tapped into the burgeoning large language model (LLM)-based AI market, using platforms to create, automate, scale, and improve new attacks through active learning.  

The Cyber Attack Landscape Is Evolving 

Cyber criminals are becoming more sophisticated in their attacks, using AI and existing ransomware code to drill deeper into victims’ systems and extract sensitive information. AI-created malware is adept at avoiding detection in traditional antivirus models and public ransomware cases have exploded relative to last year. 

Acronis-monitored endpoints are picking up valuable data about how these cyber criminals operate and recognises how some attacks have become more intelligent, sophisticated, and difficult to detect.

Drawing from extensive research and analysis, key findings from the Report include:    

  • Acronis blocked almost 50 million URLs at the endpoint in Q1 2023, a 15% increase over Q4 2022. 
  • There were 809 publicly mentioned ransomware cases in Q1 2023, with a 62% spike in March over the monthly average of 270 cases.
  • In Q1 2023, 30.3% of all received emails were spam and 1.3% contained malware or phishing links.  
  • Each malware sample lives an average of 2.1 days in the wild before it disappears. 73% of samples were only seen once.
  • Public AI models are proving an unwitting accomplice for criminals looking for source code vulnerabilities, creating attacks and developing fraud prevention-thwarting attacks like deep fakes. 

 Cyber criminal gangs phish to acquire credentials, extract data and dollars, of note:    

  • Phishing remained the most popular form of stealing credentials, making up 73% of all attacks. Business email compromises (BECs) were second, at 15%.
  • The LockBit gang was responsible for major data breaches.
  • Clop breached a mental health provider’s system, affecting the personal and HIPAA-covered data of more than 783,000 individuals.
  • BlackCat stole more than 2TB of secret military data, which included personal information of employees and customers, from an Indian industrial manufacturer.
  • Vice Society compromised 1,200 servers and the personal information of 43,000 students, 4,000 academic staff and 1,500 administrative staff at the University of Duisburg-Essen in Germany. 

Breaches Demonstrate Major Security Concerns 

Traditional cybersecurity methods and lack of action let attackers in, the report shares:   

  • There is a lack of strong security solutions in place that can detect zero-day vulnerability exploitations.
  • Organisations often fail to update vulnerable software in a timely manner, long after a fix becomes available.  
  • Linux servers face inadequate protection against the cyber criminals who are increasingly going after them.  
  • Not all organisations follow proper data backup protocol, including the 3-2-1 rule.

With these trends in mind, Acronis emphasises the need for proactive cyber protection measures. 

A sound cyber security posture requires a multi-layered solution that combines anti-malware, EDR, DLP, email security, vulnerability assessment, patch management, RMM, and backup capabilities. 

Leveraging an advanced solution that combines AI, machine learning, and behavioural analysis can help mitigate the risks posed by ransomware and data stealers. 

Through ongoing research, development, and collaboration with industry partners, Acronis is committed to empowering individuals and businesses by providing innovative solutions which protect against emerging cyberthreats. 

You Might Also Read: 

Is It Possible To Trust AI Decision-Making In Cybersecurity?:

_________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

 

« WatchGuard Expands Identity Protection Capabilities
Britain's Biggest Hospital Held To Ransom »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

HackerOne

HackerOne

HackerOne was started by hackers and security leaders who are driven by a passion to make the internet safer.

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN) is a not for profit group of professionals in the field of Information Security in Nigeria and Diaspora.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

ClearDATA

ClearDATA

The ClearDATA Managed Cloud protects sensitive healthcare data using purpose-built DevOps automation, compliance and security safeguards, and healthcare expertise.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

Waratek

Waratek

Waratek is a pioneer in the next generation of application security solutions known as Runtime Application Self-Protection or RASP.

CIO Dive

CIO Dive

CIO Dive provides news and analysis for IT executives in areas including IT strategy, cloud computing, cyber security, big data, AI, software, infrastructure, dev ops and more.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

Drawbridge

Drawbridge

Drawbridge is a premier provider of cybersecurity software and solutions to the alternative investment industry.

Avalanchio Technologies

Avalanchio Technologies

The Avalanchio platform gives you a complete solution to collect, process, and analyze security data to detect threats in real-time and analyze historical data using security DSL or SQL.

Schellman

Schellman

Schellman is a leading provider of attestation and compliance services.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

ABM Technology Group

ABM Technology Group

ABM Technology Group (formerly True IT) provide business information technology services, solutions, and consulting for small to mid-sized organizations.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.