Adrian Johnson
TLDR:
- Ransomware attacks are expected to increase in volume and impact over the next two years due to the use of artificial intelligence (AI) technologies, according to a warning from British intelligence.
- The National Cyber Security Centre (NCSC) stated that AI tools will benefit different threat actors unevenly, with generative AI already being used to enhance reconnaissance and social engineering tactics.
- While more sophisticated uses of AI are likely to be available to well-resourced threat actors by 2025, limitations on access to high-quality exploit data will restrict their widespread use.
British intelligence has issued a warning that the use of artificial intelligence (AI) technologies will cause a surge in both the volume and impact of ransomware attacks over the next two years. The National Cyber Security Centre (NCSC), a part of GCHQ, published an assessment stating that AI tools will benefit different threat actors unevenly. At present, generative AI is being used to improve reconnaissance and social engineering tactics, making them more effective, efficient, and harder to detect. The assessment also noted that AI is likely to assist with malware and exploit development, vulnerability research, and lateral movement by enhancing existing techniques.
One positive aspect highlighted by the intelligence experts is that more sophisticated uses of AI in cyber operations are likely to be limited to the best-resourced threat actors and are unlikely to be realized before 2025. The biggest limitation on the use of AI tools for hacking is the requirement for developers to have access to high-quality exploit data to train their models. Currently, it is only realistic to assume that highly capable states have large repositories of malware that are sufficient to effectively train an AI model for this purpose. However, as more successful hacks for this data occur, threat actors will be able to train more sophisticated tools, creating a positive feedback loop of increasingly effective cyber operations.
The assessment also revealed that there has already been a surge in ransomware attacks against British organizations. In the first three quarters of 2023, there were 874 attacks, compared to 739 incidents throughout the entirety of 2022, according to the Information Commissioner’s Office (ICO). James Babbage, the director general for threats at the National Crime Agency, emphasized that ransomware continues to be a national security threat and warned that advancements in AI technology will likely increase the threat in the coming years. Babbage stated that AI services lower barriers to entry for cyber criminals and boost their capabilities by improving the scale, speed, and effectiveness of existing attack methods.
Lindy Cameron, the outgoing chief executive of the NCSC, acknowledged the emergent use of AI in cyber attacks but emphasized that it enhances existing threats rather than transforming the risk landscape. The NCSC encourages organizations and individuals to follow ransomware and cybersecurity hygiene advice to strengthen their defenses and resilience against cyber attacks.
