The report outlines that Artificial Intelligence (AI), currently utilized by cybercriminals, is lowering entry barriers for less experienced threat actors, including hackers-for-hire and hacktivists.
In its Risk Register 2023 report, the UK government designated AI as a “Chronic Risk.” Now, the National Cyber Security Centre (NCSC) has warned about the escalating global ransomware threat, attributing the rise to the increasing incorporation of Artificial Intelligence (AI) in malicious cyber activities.
The recently released AI-Cyber Threat Assessment by NCSC highlights the role of AI in amplifying both the volume and impact of cyber attacks. Amid the success of OpenAI’s ChatGPT, it is crucial to note that malicious threat actors have exploited the chatbot, giving rise to the creation of nefarious AI-powered counterparts such as WormGPT and FraudGPT.
The report outlines that AI, currently utilized by cybercriminals, is lowering entry barriers for less experienced threat actors, including hackers-for-hire and hacktivists. This empowerment enables more efficient access and information-gathering operations, thereby expanding the reach of cyber threats. The heightened accessibility and AI’s ability to refine victim targeting are anticipated to intensify the ransomware threat globally over the next two years.
Ransomware remains a pervasive cyber threat for UK organizations and businesses, prompting cybercriminals to adapt their strategies for increased efficiency and profit. In response, the UK Government has committed £2.6 billion through its Cyber Security Strategy to strengthen the nation’s resilience.
James Babbage, Director General for Threats at the National Crime Agency, said:
“Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cybercriminals.
“AI services lower barriers to entry, increasing the number of cybercriminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.
“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of GenAI and ensuring we adopt the technology ourselves where safe and effective.”
James Babbage – National Crime Agency (NCA)
According to the report, both the NCSC and private industry are actively incorporating AI into cybersecurity practices, focusing on advanced threat detection and security by design. “The dangers posed and damages caused by ransomware attacks are also acknowledged by the United States. Therefore, in November 2023, a 40-country alliance was announced to collectively combat the evolving threat.”
Suid Adeyanju, CEO of Riversafe, and a cybersecurity expert, emphasized the critical need for organizations to enhance their threat intelligence. Adeyanju urged a comprehensive strategy that combines advanced technologies with increased observability. Stressing the importance of thorough training for all staff, he emphasized the growing risk cyber threats pose to unprepared businesses.
The UK, hosting the AI Safety Summit at Bletchley Park in November 2023, endorsed The Bletchley Declaration. This initiative, a global effort, aims to address risks associated with AI’s cutting-edge developments and promote its secure and responsible advancement.
The thriving AI sector in the UK, currently employing 50,000 individuals and contributing £3.7 billion to the economy, aligns with the government’s commitment to advancing the national economy and job market in tandem with technological progress, as outlined in the Prime Minister’s five key priorities.