by Tony Palladino
Recently, I received a notice from AT&T stating that my personal info had been breached by a cyberattack – along with 73 million other customers. The numbers are staggering. I recall during my time at AWS when I was shocked to learn that there were more than 180 million cyberattacks reported in 2022, and that number increases each year. And that’s only what was reported. I am now wondering if the AI technology is benefiting the hackers more so than the cyber security solution providers.
In my last blog, I wrote about the evolution of AI, AGI and Artificial Super Intelligence. A former developer at OpenAI (the builders of ChatGPT) expressed serious concerns about bad actors, including foreign governments, potentially using AI for nefarious purposes. It makes sense that AI will play a role as a tool for hackers, as well as a tool for cyber security defenders and solution providers. Imagine that: AI hacking into a system defended by AI.
Diving deeper into this topic, I looked at several studies sponsored by various cyber security firms. I found a report from Crowdstrike to be most interesting: their annual Global Threat Report for 2024.
The report points out that the use of AI in cyberattacks makes the hackers much more sophisticated than they had been in the past and, therefore, harder to defend against. What I also found interesting is that this report focuses its attention on the adversaries sponsoring the cyberattacks, having identified 232 global adversaries to date, an increase of 34 over last year. Essentially, we are at war – a cyber war.
What is also alarming is that the report states that Cloud cyber intrusions increased 75% over last year. And by industry, the Technology sector led the way (not surprising) with a 23% increase of interactive intrusions.
Another alarming fact is that the average time it takes for an adversary to compromise more than one host server within an environment, termed “break-out” time”, decreased 24% from the prior year, from 84 down to 64 minutes, with the fastest time to “break-out” being close to a mere 2 minutes.
You can see the trend – speed and volume. Breakouts are faster, likely because of AI. There are more cyberattacks, likely because of AI. The efficiencies gained by AI will continue on a record-breaking pace, year over year. We can only hope that the cyber security tools can keep up with detecting, blocking, isolating and preventing cyberattacks.
I don’t see how a Chief Info Security Officer (CISO) can sleep at night from the stress in knowing about the onslaught of cyberattacks daily. Investments in the latest and greatest cyber security tools and talent should be the top priority for every enterprise, ongoing. There is no other point to be made on this topic. As they say in the Navy, it’s time to “batten down the hatches; all hands on deck”.
Link to Crowdstrike’s Global Threat Report 2024:
https://go.crowdstrike.com/rs/281-OBQ-266/images/GlobalThreatReport2024.pdf