AI-powered attacks seen as posing biggest risk to firms

AI-powered attacks are the most serious emerging attack vector and the most challenging to handle, according to a new report from Keeper Security.

Findings are based on survey of more than 800 IT and security leaders around the globe.

Results revealed that 92% of respondents have seen an increase in cyberattacks year-over-year. As cybersecurity incidents become more frequent, 95% of IT leaders say that cyberattacks are also more sophisticated than ever – and they are unprepared for this new wave of threat vectors. 

IT leaders said the emerging attack vectors they’re witnessing first-hand at their organisations include AI-powered attacks (51%), deepfake technology and supply chain attacks (both 36%), cloud jacking (35%), Internet of Things (IoT) attacks and 5G network exploits (both 34%), and fileless attacks (24%).

Also, respondents said they are ill-equipped to defeat those emerging techniques, lacking defense for AI-powered attacks (35%), deepfake technology (30%), 5G network exploits (29%), cloud jacking (25%), and fileless attacks (23%).

Even as they prepare to overcome emerging attack techniques, 73% of respondents report experiencing a cyberattack that resulted in monetary loss. 

Direct financial impact is one of many consequences of a successful cyberattack, along with business disruption, enduring revenue loss, customer and partner attrition, and tarnished reputation. 

“Malicious actors are wreaking havoc on vulnerable organisations in novel ways, leveraging emerging technology to execute devastating cyberattacks,” said Darren Guccione, CEO and co-founder of Keeper Security. 

“Fighting evolving threats requires constant adaptation, underscoring the need for a proactive approach to cybersecurity – one that combines advanced defense mechanisms and basic best practices to identify evolving threats and defeat a cyberattack,” said Guccione.

While novel threats cast a looming shadow, IT leaders are stretched thin as they combat today’s most common threat vectors, with the following types of attacks directly impacting their organisations — phishing (61%), malware (59%), ransomware (49%), password attacks (38%).

The explosion in AI tools has intensified problems like phishing attacks by increasing the believability of scams and enabling cybercriminals to deploy them at scale. 

Among those surveyed, 84% said that phishing and smishing have become more difficult to detect with the rise in popularity of AI-powered tools, and revealed that AI-powered phishing is their top concern (42%) when it comes to AI security. 

In addition to phishing, malicious actors weaponise AI to speed up and scale other common attack techniques, such as password cracking. 

Among the multitude of cyberattacks increasing in frequency, survey respondents cite phishing (51%), malware (49%), ransomware (44%), and password attacks (31%).

Stolen or weak passwords and credentials remain a leading cause of breaches, as 52% of respondents shared that their company’s IT team struggles with frequently stolen passwords, underscoring the importance of creating and safely storing strong, unique passwords for every account.