AI-Enhanced Cyber Attacks Tops the List of Data Security Threats

Role-of-AI-FEATURED AI is quickly becoming the basis for more cyber attacks, leading organizations to realize the risk it presents. A new report now shows that AI-enhanced cyber attacks are now the top concern of security leaders.

I recently wrote about how prolific ransomware attacks are and what the outcomes were for those experiencing attacks. In the same report - GetApp’s 2024 Data Security report – I also found some interesting data around where AI sits in the list of concerns for cybersecurity leaders.

According to the report, AI-enhances attacks were the number one concern (out of twelve possible answers), represented by 36% of organizations globally. AI’s use in cyber attacks is a greater concern than phishing, ransomware, cloud, and supply chain attacks.

What’s interesting is the breakdown of AI concerns, shown in the chart below:

AI-cyberthreats-threats-next-12-months-US-GA-INFOGRAPHIC

Source: Ctfassets

61% of U.S. employees equally are concerned about AI-enhanced malware and AI-enhanced phishing attacks.

The malware concerns me less, as security solutions are making great strides in detecting zero-day malware – even those with sophisticated methods of evasion. It’s the enhanced phishing attacks that worry me.

AI isn’t just used to create well-written emails anymore; it’s only a matter of time until someone develops an AI LLM that will do the diligence about an organization, it’s employees, cross-referencing social media, etc., all in the name of defining individual employee targets and generating phishing emails that have the greatest chance of tricking an end user.

This isn’t fear-mongering – it’s quickly becoming a reality today. Which is why it’s so important that every employee be enrolled in new-school security awareness training to maintain a sense of vigilance that goes beyond anything even AI can come up with.

If your employee’s default is “this is malicious until proven otherwise” (something taught in security awareness training), your organization will significantly reduce the risk of even AI-enhanced cyber attacks.

New-school security awareness training can give your organization an essential layer of defense against phishing attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

BreachSim

Free downloadable software tool

How easy is it for bad actors to penetrate your system and exfiltrate your data? Pinpoint vulnerabilities, take action and build stronger cyber defenses with BreachSim, a free downloadable software tool from KnowBe4. Based on techniques outlined in the MITRE Att&CK framework, BreachSim launches 12+ data exfiltration scenarios to uncover the stark reality of what happens when employees unknowingly fall for an attack.

How BreachSim works: