Attackers using AI in ransomware campaigns


By Dylan Bushell-Embling
Wednesday, 09 August, 2023


Attackers using AI in ransomware campaigns

Threat actors are using artificial intelligence to shape phishing and ransomware campaigns, and are expected to increasingly look to generative AI to craft more effective attacks, according to research from Barracuda Networks.

An analysis of 175 successful ransomware attacks across the world committed between August 2022 and July 2023 found that the number of reported attacks has doubled across all industries covered by the research since last year.

The most targeted industries include the local government sector (which accounted for 21% of analysed attacks), health care (18%) and education (18%), Barracuda Networks said.

Attackers have been using generative AI to help create believable phishing emails, which is leading to attack campaigns that lack the spelling and grammar mistakes that have typically been telltale signs of illegitimate emails, the research found.

Use of generative AI is extending to trawling social media to make attacks more customised to the victims. Attackers are meanwhile using the code-generation capabilities of generative AI to write malicious code for exploiting software vulnerabilities.

In tandem, these changes could ensure that the skill required to start a ransomware attack could be reduced to constructing a malicious AI prompt or having access to ransomware-as-a-service tools, the research indicates.

Business email compromise (BEC) meanwhile remains the most common attack type discovered by Barracuda’s security operations centre teams (36.4%), followed by ransomware (27.3%), malware infections (15.2%) and insider threats (12.1%).

Image credit: iStock.com/WhataWin

Related Articles

Accelerating the adoption of passkeys without compromising user experience

We need authentication methods that remove the human element from the equation, and that's...

Modern CISOs must throw out the traditional cybersecurity playbook

The primary imperative for today's CISOs should be to align the security agenda with business...

AI agents: securing the 'artificial workforce'

Just as they would with new employees, security teams will need to define access policies for...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd