Articles

The looming threat of AI-powered ransomware

By Zac Amos, Features Editor, Rehack.com.

Many people don’t think of ransomware powered by artificial intelligence as a security threat. But, it’s only a matter of time before cyber criminals worldwide figure out how to use the technology for their benefit. Here is a discussion about the looming threat presented by AI-powered ransomware and how businesses can prepare for it.

Growing AI expertise

Within cyber security, artificial intelligence (AI) has always assisted companies in securing assets and protecting user data. Businesses have honed their expertise in AI and thus know how to use it against cyber criminals. These businesses can protect sensitive information and guard against all kinds of ransomware attacks. However, the tables have started to turn — cyber criminals have begun leveraging AI to launch more “lethal” ransomware attacks than ever before.

Unlike older hacks, AI-powered ransomware can mimic normal system behaviors and blend in without drawing suspicion. The embedded virus then trains itself to strike when someone accesses a device, taking control of any software the user opens. The dirty work is different, but the result is the same — the attacker restricts the device and withholds information until a company pays the desired ransom.

One ransomware group, called Conti, has made over $100 million through ransomware attacks. This means they have enough funds to compete with security firms in paying for AI talent and machine-learning features, like penetration testing and zero-day vulnerability exploration.

With these resources now available, international companies and governments are potential victims of AI-powered attacks. High geopolitical tensions also create more opportunities for groups like Conti to pounce on unstable, distracted, and under-secured organizations.

Experts also worry that AI-based cyber attacks will next target new technologies, like autonomous vehicles. The software in these vehicles still has many bugs and vulnerabilities that traditional security strategies won’t solve. The risk of ransomware attacks will continue to increase as AI becomes more mainstream in our everyday devices.

How to protect information

Human-operated security tools and strategies won’t be effective against AI ransomware. Businesses need to fight fire with fire and implement their own machine learning mechanisms. Here are some things companies can do to stop AI-based cyber threats before they cause damage.

1.   Update security training

Phishing, malware, deepfakes and other cyber threats will not look the same with AI. They will have subtle signifiers and be more difficult to block. Organizations must update their employee security training so users know what to expect.

Security experts don’t know all the signs because the technology is still relatively new. The best course of action is heightened skepticism towards emails, links, downloads and other areas where ransomware could sneak into systems.

2.   Embrace AI as a security technology

Companies shouldn’t wait another day to implement AI into their security strategies. They can use analytics and threat-detection tools to help eliminate cyber threats. The human eye can’t notice everything all at once, but machine learning can spot suspicious activity and respond in real-time. Establish AI defenses before destructive attacks become more common.

3.   Focus on groups, not individuals

It’s unlikely that only one person can wield AI ransomware to launch a successful attack. Criminal organizations like Conti — with the budgets to pay for talent and software — are the real threats. Business owners might not think such a group would ever target them, but big hacking groups don’t discriminate. Every organization is fair game.

Some businesses have partnered with AI developers to create allied groups of their own. These developers can give insights and tips to bolster cybersecurity.

4.   Cover all entry points

Every device companies use provides an entry point for AI-based cyber attacks. Remote and hybrid workers are especially vulnerable because they wholly rely on these devices to stay connected. Businesses need to account for every interrelated device they use — from in-office computers to remote laptops.

Prepare for the new age of cyber security

With new technology comes new cyber threats. AI-based ransomware won’t come from a lone hacker in his basement — it will come from powerful groups who have the tools and talent to wield AI. Companies must have the tools and talent to match it. Take proactive steps to address new cyber threats with improved training, more advanced security tools and protection for all devices, no matter how minor their role in operations.

For more from Zac Amos, click here. Lastly, to receive cutting-edge cyber security news, exclusive interviews, expert analyses and security resources, please sign up for the CyberTalk.org newsletter.

Back to top button