Threat actors have moved away from mass attacks to focus on a narrower range of more lucrative targets.
Artificial intelligence is a game-changer in cybersecurity, with cybercriminals exploiting it to launch sophisticated targeted attacks and organizations seeking to use the emerging technology to strengthen their defense.
It is according to the Trend Micro 2023 Annual Cybersecurity Reportbased on feedback from the cybersecurity company’s commercial and consumer customers.
The report, officially released in Johannesburg this week, shows that threat actors have moved away from mass attacks to focus on a narrower range of more lucrative targets – and AI is at the heart of these attacks.
“While threat actors use AI to increase the speed and sophistication of attacks, defense wants to use it to reduce the time it takes to respond,” explains Gareth Redelinghuys, Country Managing Director of the Africa Cluster at Trend Microphone.
IT leaders must refine their processes and protocols to enable their defenses to effectively combat persistence.
Zaheer Ebrahim, Solutions Designer, Middle East & Africa at Trend Micro
“Our latest data shows that threat actors are refining their operations, moving away from large-scale attacks and instead focusing on a narrower range of targets but with higher victim profiles for maximum gain with minimum effort. As they continue to implement proven techniques, they also delegate and streamline operations, resulting in bolder and more effective strikes,” says Redelinghuys.
According to Trend Micro, the use of GenAI in phishing attempts already extends beyond emails and text messages to include convincing audio and video “deepfakes,” posing an even more damaging threat to the business.
“Imagine a company that requires live voice authorization for purchases over $1 million, for example. An attacker could send a real-looking email request with a fake phone number embedded and respond to the confirmation call with a fake voice to validate the transaction. These new tactics open up the possibility of everything from stock market manipulation to democratic or wartime disinformation campaigns to defamatory attacks on public figures,” adds Redelinghuys.
The barriers to entry for such techniques have fallen with the rise of readily available app-like interfaces, like the AI-based video creation tool HeyGen, the security company points out.
The report notes that AI is paving the way for amateur cybercriminals, while creating new playing fields for seasoned actors. Cybercriminals without coding knowledge or special computing resources can produce high-resolution custom output that is humanly undetectable.
High value objectives relative to volume
Trend Micro claims to have blocked more than 159 million email threats, approximately 8 million malicious URLs and more than 22 million malicious mobile applications targeting South African businesses and consumers in 2023.
Nearly 40,000 ransomware attacks were also blocked by the company in South Africa in 2023. However, annual research shows that ransomware groups are working smarter instead of harder, prioritizing attack targets. high value rather than volume.
Other emerging threats include the application of malicious data in legitimate AI bots – or poisoned data – that force the replacement of legitimate data and allow easy entry into systems, as well as tailor-made worms and ” prison escapes” to manipulate LLMs within the AI. .
Zaheer Ebrahim, Middle East and Africa Solutions Architect at Trend Micro, said: “Our research shows that these increasingly sophisticated attacks will become increasingly difficult for businesses to detect and will be increasingly costly when they succeed. IT leaders must refine their processes and protocols to enable their defenses to effectively combat persistence.
The company continues to advocate for increased cybersecurity training and awareness initiatives, regular backups, a zero trust approach and strong authentication mechanisms.
