Gartner Reports AI-Driven Attacks Remain Leading Cyber Threat for Third Straight Quarter

Published:

The Rising Threat of AI-Enhanced Cyber Attacks: A Gartner Report Analysis

In an era where technology is advancing at an unprecedented pace, the intersection of artificial intelligence (AI) and cybersecurity is becoming increasingly concerning. For the third consecutive quarter, Gartner, a leading research and advisory company, has identified AI-enhanced cyber attacks as the most significant risk facing enterprises today. This alarming trend underscores the urgent need for organizations to bolster their defenses against sophisticated threats that leverage AI technologies.

The Survey Insights

Gartner’s recent survey, conducted between July and September, involved 286 senior risk and assurance executives. A staggering 80% of respondents expressed their concerns about AI-enhanced malicious attacks, highlighting the growing recognition of this threat within the corporate landscape. The findings are not merely anecdotal; they reflect a broader trend in which evidence suggests that AI-assisted attacks are on the rise, making it imperative for organizations to adapt their security strategies accordingly.

In addition to AI-enhanced attacks, the report outlined other emerging risks that executives are wary of, including AI-assisted misinformation, escalating political polarization, and misaligned organizational talent profiles. These multifaceted threats illustrate the complex landscape that businesses must navigate in the digital age.

The Mechanics of AI-Driven Attacks

One of the most alarming aspects of AI-enhanced cyber attacks is the sophistication with which they are executed. Cybercriminals are increasingly utilizing AI to write malware, craft convincing phishing emails, and automate various aspects of their attacks. For instance, in June, HP intercepted a malware-laden email campaign that was likely generated with the assistance of generative AI (GenAI). The malware’s VBScript was not only well-structured but also included comments for each command—an effort that would typically be unnecessary for a human coder but indicative of AI’s capabilities.

Moreover, security firm Vipre reported a 20% increase in business email compromise (BEC) attacks in the second quarter of 2024 compared to the same period in 2023, with two-fifths of these attacks being AI-generated. The primary targets of these attacks were high-ranking executives, particularly CEOs, as well as HR and IT personnel. Usman Choudhary, Vipre’s chief product and technology officer, noted that cybercriminals are now leveraging sophisticated AI algorithms to craft emails that closely mimic legitimate communications, making it increasingly difficult for employees to discern genuine messages from malicious ones.

The Scale of AI-Driven Attacks

The scale of AI-driven attacks is staggering. Retail sites alone experienced an average of 569,884 AI-driven attacks each day from April to September, according to Imperva Threat Research. Tools such as ChatGPT, Claude, and Gemini are being exploited to conduct distributed denial-of-service (DDoS) attacks and business logic abuse. The accessibility of AI technologies has lowered the barrier to entry for cybercriminals, enabling even less-skilled individuals to engage in sophisticated cyber crimes.

Interestingly, ethical hackers are also increasingly turning to generative AI for their work. A report from BugCrowd revealed that the proportion of ethical hackers using GenAI has risen from 64% to 77% in the past year. These researchers utilize AI to assist with various types of attacks, including die-channel attacks and fault-injection attacks, demonstrating that while AI can be a tool for good, it can also be weaponized by malicious actors.

The Implications of AI Accessibility

The implications of AI’s accessibility for cybercriminals are profound. Researchers at ETH Zurich have developed a model capable of solving Google reCAPTCHA v2 puzzles with 100% accuracy, further illustrating how AI can be used to bypass security measures. Analysts at Radware have predicted that the proliferation of private GPT models for nefarious purposes will lead to an increase in zero-day exploits and deepfake scams, as malicious actors become more adept at using large language models (LLMs) and generative adversarial networks.

Indeed, Google’s Mandiant tracked 97 total zero-day vulnerabilities discovered and exploited in 2023, marking a 56% increase from the previous year. This surge in vulnerabilities is indicative of the evolving threat landscape, where AI plays a central role in facilitating cyber attacks.

Concerns Over IT Vendor Reliance

In addition to the threats posed by AI-enhanced attacks, Gartner’s report highlighted another emerging concern: the over-reliance on IT vendors. For the first time, IT vendor criticality made it onto Gartner’s list of top concerns among senior risk and assurance executives. Zachary Ginsburg, Senior Director of Research in the Gartner Risk and Audit Practice, emphasized that organizations with a concentration of services from a single vendor may face elevated risks in the event of outages or unexpected changes in services due to regulatory shifts.

The July incident involving CrowdStrike, which resulted in the disabling of approximately 8.5 million Windows devices worldwide, serves as a stark reminder of the potential consequences of vendor dependency. Essential services, including emergency services and law enforcement agencies, were significantly disrupted, underscoring the need for organizations to diversify their vendor relationships and assess their exposure to third-party risks.

Conclusion

As the threat landscape continues to evolve, organizations must remain vigilant against the rising tide of AI-enhanced cyber attacks. The findings from Gartner’s survey serve as a clarion call for enterprises to reassess their cybersecurity strategies, invest in advanced threat detection technologies, and foster a culture of security awareness among employees. The dual-edged nature of AI—capable of both enhancing security measures and facilitating cyber crimes—demands a proactive and adaptive approach to safeguarding sensitive information and maintaining operational integrity in an increasingly digital world.

Related articles

Recent articles