The UK’s National Cyber Security Centre (NCSC) has issued a warning that malicious AI is expected to drive an increase in cyber-attacks, particularly focusing on ransomware, over the next two years. The NCSC’s threat assessment indicates that AI is already being used by threat actors, and the development of generative AI (GenAI)-as-a-service in the cybercrime underground is a significant concern. While currently limited to well-resourced actors, the accessibility of publicly available AI models is expected to empower novice cybercriminals, lowering the barrier to entry for attacks like spear-phishing. The report underscores the importance of securing AI systems and provides cybersecurity hygiene advice for organizations to enhance their defenses.
In the near term, the use of AI for developing malware, exploiting vulnerabilities, and lateral movement is expected to be restricted to more capable threat actors, such as nation-states, due to a lack of training data. However, the report warns that as successful exfiltrations occur, the data feeding AI will likely improve, enabling faster and more precise cyber operations. This could have a major impact on network defenders’ efforts to maintain cyber-resilience, as bugs may be exploited more rapidly after patches are released, and distinguishing between real and fraudulent emails could become more challenging. Despite these challenges, the report notes that AI will also play a role in cyber-defense efforts.
NCSC CEO Lindy Cameron emphasizes that the use of AI in cyber-attacks is evolutionary rather than revolutionary, enhancing existing threats like ransomware. The NCSC encourages organizations and individuals to follow ransomware and cybersecurity hygiene advice to strengthen their defenses and resilience against evolving cyber threats.
Reference:
