IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image
Global companies ill-prepared for AI-boosted cyber threats, reveals Darktrace study
Mon, 11th Mar 2024

New research released by cyber security firm Darktrace unveils that the conscious apprehension of AI-augmented cyber attacks is not met with equal preparedness. IT and security teams globally remain ill-equipped, despite acknowledging the growing prominence of such threats.

Darktrace's analyses, derived from a survey of 1,773 IT professionals and a holistic examination of its customer data, present an alarming picture of the evolving cybersecurity landscape. The study showed that 89% of IT security specialists predict AI-boosted cyber threats will significantly affect their organisations within the next two years. Yet, 60% confess their inadequacy in defending against these attacks.

The findings also spotlight the popularity of specific attack methods among cybercriminals. Darktrace recorded a 14% rise in phishing emails sent to its customers in December 2023 alone, hiking the number to 2,867,000 from the figure seen in September. Meanwhile, sophisticated social engineering or phishing attacks, known for their advanced language and punctuation usage, have increased by 35% between September and December 2023. These statistics follow an average 135% upsurge in such attacks in January and February last year, which coincide with the general uptake of the AI language model, ChatGPT.

What particularly concerns IT security teams is the escalation in the volume and sophistication of malware attacks, such as those through phishing emails, which exploit known software vulnerabilities. Both this and the possible leakage of sensitive data because of employee usage of generative AI tools scored 3.84 out of 5 in the degree of risk, as per the survey respondents.

These continuously advancing phishing techniques hint at the escalated usage of generative AI tools by cyberattackers to enhance the potency of their assaults. With the expanding deployment of AI, the damage caused by automation and as-a-service attacks is multiplying. Darktrace’s threat report from January revealed that as-a-service attacks, offering cybercriminals everything from readymade malware to templates for phishing emails and payment processing systems, constitute the majority of attacks.

Discussing the cyber security environment, Poppy Gustafsson, CEO of Darktrace, highlighted the combination of a challenging geopolitical arena and easily accessible generative AI tools which lower the entry barriers for malicious actors. She said: "We continue to see the cyber-crime landscape evolve rapidly. Against this backdrop and in the period ahead, we are preparing to roll out enhanced market and product positioning to better demonstrate how our unique AI can help organisations to address novel threats across their entire technology footprint."

Darktrace's recent findings underscore the urgency of bolstering cybersecurity measures and understanding the changing nature of cyber threats. It is evident that AI has become a robust tool in the arsenal of cybercriminals, making it vital to develop more robust cyber security strategies to counter these advanced threats.