Artificial intelligence is a game changer in cyber security, with cyber criminals exploiting AI to launch sophisticated targeted attacks and organisations looking to use the emerging technology to strengthen defence.
This is according to the Trend Micro 2023 Annual Cybersecurity Report, based on input from the cyber security firm’s commercial and consumer clients.
The report, officially released in Johannesburg this week, shows that threat actors have deviated from big-batch attacks to focus on a narrower range of more lucrative targets – and AI is central to these attacks.
“While threat actors are using AI to increase the velocity and sophistication of attacks, defence want to use it to reduce the time taken to respond,” says Gareth Redelinghuys, country managing director, African Cluster at Trend Micro.
IT leaders must refine their processes and protocols to enable their defences to combat persistence with efficiency.
Zaheer Ebrahim, solutions srchitect, Middle East, and Africa at Trend Micro
“Our latest data shows that threat actors are fine-tuning their operations, shifting away from large-scale attacks, and instead focusing on a smaller range of targets but with higher victim profiles for maximum gain with minimum effort. As they continue to double down on tried and tested techniques, they are also delegating and streamlining operations - resulting in bolder, more effective strikes,” says Redelinghuys.
According to Trend Micro, the use of GenAI in phishing attempts is already branching beyond e-mails and texts to include persuasive audio and video ‘deepfakes’ for an even more business-affecting threat.
“Imagine a company that requires live voice authorisation for purchases above a million dollars, for example. An attacker could send a real-seeming email request with a rigged phone number embedded and answer the confirmation call with a deepfaked voice to validate the transaction. These new tactics introduce the possibility of everything from stock market manipulations to democratic or wartime disinformation campaigns, or smear attacks on public figures,” Redelinghuys adds.
The barriers to entry for techniques like these have dropped with the rise of readily available app-style interfaces like the AI-powered video creation tool HeyGen, the security company points out.
The report notes that AI clears the way for amateur cyber criminals, while creating novel playgrounds for seasoned actors. Cyber criminals with no coding knowledge or special computing resources can produce customised high-resolution outputs that are humanly undetectable.
High-value targets over volume
Trend Micro claims to have blocked more than 159 million e-mail threats, around 8 million malicious URLs and over 22 million malicious mobile apps targeted at South African businesses and consumers during 2023.
Almost 40 000 ransomware attacks were also blocked by the company in South Africa in 2023. However, year-on-year research shows that ransomware groups are working smarter instead of harder, prioritising high-value targets over volume.
Other emerging threats include the application of malicious data into legitimate AI bots – or poisoned data – that forces an override of legitimate data and enables easy entry into systems, as well as tailor-made worms and ‘jail breaking’ to manipulate the LLMs within AI.
Zaheer Ebrahim, solutions srchitect, Middle East, and Africa at Trend Micro, says, “Our research shows that these increasingly sophisticated attacks are going to become more and more difficult for businesses to detect and that they will be increasingly costly when they succeed. IT leaders must refine their processes and protocols to enable their defences to combat persistence with efficiency.”
The company continues to advocate increased cyber security training and awareness initiatives, regular backups, a zero-trust approach, and strong authentication mechanisms.
Share