UK infrastructure sectors alarmed over rise in AI cyber threats
According to new research carried out by cyber security provider Bridewell, more than three-quarters of the UK's key infrastructure organisations detect peril in the increasing use of artificial intelligence (AI) in cybercrime. The study, which surveyed 521 cyber decision makers across a multitude of enterprises deemed crucial for the seamless running of society, such as civil aviation, telecommunications, energy, transport, media, financial services and water supply, revealed significant concerns regarding AI-powered cyber threats.
The study highlights that over 70% of respondents fear all of the AI-driven threats detailed in the research, which includes a range of fears from the continuing evolution of tactics, automated hacking, to AI-powered phishing attacks. A dramatic 78% of participants shared apprehensions about AI-powered phishing attacks, where criminals make use of AI to drastically enhance the precision and scripting of their malicious emails. The same percentage shared concerns about the development of adaptive AI cyber attacks that incessantly refine their strategies.
These threats, coupled with a fear of AI-driven exploit development and automated hacking using AI, are indicative of the wide-ranging concerns shared by over 70% of respondents. Even polymorphic malware, which morphs with each infection, was identified as a potential threat by 73% of those surveyed, painting a rather ominous picture of the perceived risks associated with AI.
However, despite these apprehensions, 94% of respondents indicated that they are currently utilising AI tools in their operations, indicating that its perceived benefits are outweighing the potential threats. Director of Managed Security Services at Bridewell, Martin Riley, reflected that while at the early stages, the concern about AI-driven cyber attacks is not without merit, as the technology presents itself as a future threat. Riley also commented on the use of AI by organisations, "Businesses can prepare for the impending AI arms race by incorporating the technology into their cyber defence strategies. AI can be a force for good by helping Critical National Infrastructure (CNI) organisations enhance threat intelligence capabilities and accelerate detection and response strategies."
The research also unveiled that the application of AI in cyber defences is just in its nascent phase. Less than 30% of respondents' organisations are making use of AI-powered threat intelligence platforms, AI-driven data-loss prevention, AI-enhanced endpoint protection, or AI-based phishing detection and prevention. What's evident, however, is that the use of AI tools is a trend set to gain momentum as cyber threats escalate and become increasingly sophisticated. Businesses are starting to harness AI to analyse large datasets rapidly, enabling the detection of malicious activity in a system or network and spotting behaviour that stands out as being suspicious.
Considering the prevalent worries about future AI-driven cyber attacks and AI's increased adoption, it's clear that there's a real demand for strategies and tools that can effectively counteract these intensifying threats.