Security pros hunker down as AI-powered attacks loom

Almost all (96%) of security leaders are now preparing for the emergence of AI-powered cyberattacks, with many embracing AI defenses, according to Darktrace citing a study conducted by MIT Technology Review.

MIT Technology Review Insights surveyed over 300 C-level executives, directors and managers worldwide between December 2020 and January 2021 to understand how they address present and future cyberthreats. 

The survey showed that the top three most concerning attacks were email attacks (74%), ransomware (73%) and cloud-based attacks (68%).

Among respondents, 96% of respondents are preparing for the onset of AI attacks and 68% expect AI to be used for impersonation and spear-phishing attacks.

Also, 60% of respondents believe that human-driven responses fail to keep up with automated cyberattacks.

“Of the individuals surveyed for this report, 60% are C-level executives and directors,” said Laurel Ruma, editorial director at MIT Technology Review. “From the results, it is clear that cyber security is a real and significant issue for business leaders. AI is going to play a very big part in securing all enterprises.”

Nicole Eagan, chief strategy and AI officer at Darktrace, said the findings show that we are at a watershed moment and business executives are preparing for a new era of attacks.

“Approaches that are based on analysing historical attacks will be ill-equipped to defend against Offensive AI,” said Eagan. “A fundamentally new approach using self-learning technology and autonomous response will be necessary to augment human security teams.”

The report includes a case study from McLaren Racing, which uses Darktrace’s Autonomous Cyber AI to detect and respond to fast-moving cyber-attacks. The case study details an instance in which the AI stopped a sophisticated email impersonation attack during a busy race weekend.

Further, the report details insights from Darktrace’s Director of Threat Hunting and former White Hat Hacker, Max Heinemeyer, who explores the security challenges of “fearware” — highly targeted scam emails that have exploited the public’s fears around the pandemic.