AI to drive rise in cyberattacks over next two years, warns UK’s cyber agency
Companies urged to boost risk management
Artificial intelligence (AI) will increase both the volume and impact of cyberattacks in the next two years, further accelerating the global ransomware threat, warns the UK’s National Cyber Security Centre (NCSC.
Publishing a new report on the risk of AI to the UK’s cyber threat assessment, GCHQ’s NCSC says the technology, in particular generative AI, is already being used in malicious cyberattacks by both state and no-state actors. It said these types of attacks “will almost certainly” increase in the near term. It urges organisations to implement protective measures to guard against the increased risk of AI-driven ransomware.
In particular, the report highlights how AI has lowered the barrier of entry to novice cybercriminals and hackers-for-hire, making it easier for more unskilled threat actors to access organisations. The NCSC says GenAI-as-a-service is already available to anyone willing to pay.
“This enhanced access, combined with the improved targeting of victims afforded by AI, will contribute to the global ransomware threat in the next two years,” NCSC said. “AI will almost certainly make cyberattacks against the UK more impactful because threat actors will be able to analyse exfiltrated data faster and more effectively, and use it to train AI models.”
But Lindy Cameron, CEO of the NCSC, said AI will not fundamentally alter the current cyber risk landscape, which remains dominated by ransomware risk.
“The emergent use of AI in cyberattacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term,” Cameron said.
“As the NCSC does all it can to ensure AI systems are secure-by-design, we urge organisations and individuals to follow our ransomware and cybersecurity hygiene advice to strengthen their defences and boost their resilience to cyberattacks,” she added.
The NCSC said even simple protective measures will reduce the likelihood of being infected, with most ransomware incidents starting from cyber criminals exploiting poor cyber hygiene.
The UK’s National Crime Agency (NCA), which contributed to the report, said 2024 is unlikely to see another form of cybercrime replace ransomware as the leading cyber threat.
James Babbage, director general for threats at the NCA, said: “Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cybercriminals.”
“AI services lower barriers to entry, increasing the number of cybercriminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.”
The report further anticipates cyber resilience will struggle to keep pace with advances in AI technology. Between now and 2025, the NCSC said generative AI and large language models “will make it difficult for everyone, regardless of their level of cybersecurity understanding, to assess whether an email or password reset request is genuine”.
“Increases in the volume and heightened complexity and impact of cyber operations will indicate that threat actors have been able to effectively harness AI. This will highly likely intensify UK cyber resilience challenges in the near term for UK government and the private sector,” the report says.