Ransomware attacks are projected to increase in frequency and severity over the next two years due to advancements in artificial intelligence (AI) technologies, as highlighted by British intelligence sources.
The National Cyber Security Centre (NCSC), a division of the cyber and signals intelligence agency GCHQ, released an intelligence assessment on Wednesday, drawing from a variety of sources including classified information, industry insights, academic research, and open-source data. The report, which carries the highest confidence rating in British intelligence analysis, indicates a high level of certainty regarding the anticipated surge in ransomware attacks.
NCSC experts have raised concerns about the unequal distribution of benefits from AI tools among various threat actors. Currently, generative AI is being leveraged to enhance reconnaissance and social engineering efforts, rendering these activities more effective, efficient, and challenging to detect.
Furthermore, AI is expected to play a role in improving tasks such as malware and exploit development, vulnerability research, and lateral movement by streamlining existing techniques.
While the utilization of AI for sophisticated cyber operations is likely to be restricted to well-resourced threat actors until at least 2025, the need for quality exploit data to train AI models remains a significant limitation. The report suggests that only highly capable states possess repositories of malware extensive enough to train AI models effectively for cyber operations.
Looking ahead to 2025 and beyond, the report emphasizes the critical role of quality data in training AI for cyber operations. As successful data exfiltrations occur, threat actors will have access to improved datasets, enabling the development of more sophisticated tools and facilitating faster and more precise cyber attacks.
Recent data from the Information Commissioner’s Office (ICO) reveals a notable increase in ransomware attacks against British organizations, with 874 incidents reported in the first three quarters of 2023 compared to 739 incidents in the entirety of 2022.
James Babbage, the director general for threats at the National Crime Agency, underlines the growing threat posed by ransomware, attributing its escalation to AI advancements exploited by cyber criminals. Babbage warns that the proliferation of AI services will lower entry barriers for cyber criminals, enhancing the scale, speed, and effectiveness of their attack methods.
Lindy Cameron, the departing chief executive of the NCSC, characterizes the integration of AI in cyber attacks as an evolutionary progression rather than a revolutionary transformation. While acknowledging the enhancement of existing threats like ransomware, Cameron emphasizes the importance of secure-by-design AI systems and advises organizations and individuals to adhere to ransomware and cyber security best practices to fortify their defenses against cyber attacks.
Alexander Martin serves as the UK Editor for Recorded Future News, bringing with him a background as a technology reporter for Sky News and a fellowship at the European Cyber Conflict Research Initiative.
