Attackers using AI in ransomware campaigns


By Dylan Bushell-Embling
Wednesday, 09 August, 2023


Attackers using AI in ransomware campaigns

Threat actors are using artificial intelligence to shape phishing and ransomware campaigns, and are expected to increasingly look to generative AI to craft more effective attacks, according to research from Barracuda Networks.

An analysis of 175 successful ransomware attacks across the world committed between August 2022 and July 2023 found that the number of reported attacks has doubled across all industries covered by the research since last year.

The most targeted industries include the local government sector (which accounted for 21% of analysed attacks), health care (18%) and education (18%), Barracuda Networks said.

Attackers have been using generative AI to help create believable phishing emails, which is leading to attack campaigns that lack the spelling and grammar mistakes that have typically been telltale signs of illegitimate emails, the research found.

Use of generative AI is extending to trawling social media to make attacks more customised to the victims. Attackers are meanwhile using the code-generation capabilities of generative AI to write malicious code for exploiting software vulnerabilities.

In tandem, these changes could ensure that the skill required to start a ransomware attack could be reduced to constructing a malicious AI prompt or having access to ransomware-as-a-service tools, the research indicates.

Business email compromise (BEC) meanwhile remains the most common attack type discovered by Barracuda’s security operations centre teams (36.4%), followed by ransomware (27.3%), malware infections (15.2%) and insider threats (12.1%).

Image credit: iStock.com/WhataWin

Related Articles

If you want to fix cyber, stop trying to fix people

We need to stop trying to fix people and start understanding and supporting them with the right...

Managing through uncertainty requires facing security unknowns head on

Understanding the attack surface in its entirety is not just a tactical advantage; it is a...

Why the success of modern cyber defence hinges on identity security

 A single compromised identity could easily provide the keys to the kingdom if it isn't...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd