Cybercrooks targeting enterprise genAI use

Cybercriminals are taking advantage of the increasing adoption of cloud applications and generative AI in the workplace to escalate threat activity, according to new research from Netskope.

The company’s annual Cloud and Threat Report found that enterprise adoption of generative AI applications has increased by 400% in the past year amid the ascendance of ChatGPT.

Today more than 10% of enterprise users are accessing at least one genAI app per month, up from just 2% a year ago, the report found. ChatGPT is the most popular application, accounting for 7% of enterprise usage.

But the increasing use of the technology is exposing enterprises to fresh security risks, according to Netskope Threat Labs’ Threat Research Director, Ray Canzanese.

“With growing AI app usage, employees are more likely to expose sensitive data like credentials, personal information or intellectual property,” he said. “For safe enablement of AI apps, organisations must implement reasonable controls and advanced data security capabilities while focusing on how employees can use AI productively.”

Meanwhile, adoption of cloud applications is also on the rise, with the number of cloud apps the enterprise accessed increasing by an average of 19% per year. Users are now using an average of 20 cloud apps, up from 14 two years ago.

Half of all enterprise users are interacting with 11 to 33 cloud apps per month, and using them to complete nearly 2000 activities per month. The top 1% of users are using more than 96 cloud apps per month, generating more than 50,000 activities.

As well as application attacks, cybercriminals are using social engineering to gain initial access to enterprise networks, the report states. The most common forms in the past year involved social engineering attacks like phishing to steal credentials and Trojans to trick victims into downloading and installing malware, with cloud apps among the top targets.

The research found that an average of 29 out of every 10,000 enterprise users click on a phishing leak per month, with other popular targets being banking portals, shopping sites and social media accounts. Meanwhile, users are downloading an average of 11 Trojans per month per 10,000 users.

While around 70% of attack activity targeting Netskope customers last year was criminally motivated, there was a geopolitical motivation in 12% of attacks, Canzanese said.

To safeguard against emerging threats, Netskope is calling on enterprises to make the safe enablement and adoption of AI apps an urgent priority. Enterprises should also continue investments into reducing the risk of social engineering, including security awareness training and anti-phishing technology, the report states.

Image: iStock.com/Laurence Dutton