Photo: Acronis Mid-Year Cyberthreats Report 2023
Every week, dozens of new AI tools are generated. The possibilities with AI are increasing as these tools develop. Although so far we have seen a boom in the use of ChatGPT, there are also tools like Bard AI that consults websites in real time. Acronis' 2023 Cyber Threats mid-year Report confirms a trend that we have observed in recent months, cybercriminals are increasingly using AI such as ChatGPT and similar to create malicious content, execute attacks and thus maximize their profits. Below is a summary of the aforementioned report:
Cybercriminals use ChatGPT to automate phishing emails. With this tool, hundreds of different versions of the email text are generated in different languages. Additionally, AI can learn which versions and themes work best.
The AI can code in Python, GoLang and Rust, which makes it easier to create malware and specifically, the creation of polymorphic Trojans that rewrite their code after an attack. For now, AI cannot invent code, it can simply use what already exists and modify it.
Regarding identity theft, AI can make videos and clone people's voices to carry out attacks. In 2021, in Hong Kong, there was a theft of $35 million dollars for a cloned voice. This area transcends companies, as people can be extorted with nude photographs of their face by requesting money in exchange for not spreading the photo.
AI continues to be used to carry out bot attacks, and is also already being attacked by cybercriminals to find vulnerable layers and gain information on how to better craft their attacks.
The report also mentions that ransomware continues to be the first threat to medium and large businesses, as well as the public sector, governments, health systems, among others. And although its variants have decreased, it continues to be a factor in the loss of money for many businesses. The most affected countries in 2023 so far are Singapore, Brazil and Japan.
On the other hand, data theft continues to be the second threat for medium and large businesses, as well as the traditional theft of credentials, which gives rise to large data leaks. According to the report, the attackers are looking for any information they can obtain. By exfiltrating large amounts of data, they can obtain credentials to carry out phishing attacks, while extracting specific technical data gives them leverage to demand ransoms or sell the information to competitors.
In 2023, the increase in email phishing attacks increased by 464% compared to the first half of 2022. One of the first major barriers that can be enabled to prevent cyber attacks is having anti-phishing defenses and strong authentication. Otherwise, the malware would have to be removed later in its cycle.
To have cyber protection, it is necessary to detect, evaluate and mitigate all incidents and anomalies that threaten the infrastructure. This is done through monitoring tools. Otherwise, it is not possible to be prepared to adequately protect our organizations. When new technologies are created, it is essential to strengthen research on each of them as well as their vulnerabilities. It is also necessary to take care of your passwords and be aware of possible phishing threats and have mechanisms to stop malware in case the attack has worked. At CyberLat we can help you with the cybersecurity solutions and services that your organization needs.