Attackers using AI in ransomware campaigns


By Dylan Bushell-Embling
Wednesday, 09 August, 2023


Attackers using AI in ransomware campaigns

Threat actors are using artificial intelligence to shape phishing and ransomware campaigns, and are expected to increasingly look to generative AI to craft more effective attacks, according to research from Barracuda Networks.

An analysis of 175 successful ransomware attacks across the world committed between August 2022 and July 2023 found that the number of reported attacks has doubled across all industries covered by the research since last year.

The most targeted industries include the local government sector (which accounted for 21% of analysed attacks), health care (18%) and education (18%), Barracuda Networks said.

Attackers have been using generative AI to help create believable phishing emails, which is leading to attack campaigns that lack the spelling and grammar mistakes that have typically been telltale signs of illegitimate emails, the research found.

Use of generative AI is extending to trawling social media to make attacks more customised to the victims. Attackers are meanwhile using the code-generation capabilities of generative AI to write malicious code for exploiting software vulnerabilities.

In tandem, these changes could ensure that the skill required to start a ransomware attack could be reduced to constructing a malicious AI prompt or having access to ransomware-as-a-service tools, the research indicates.

Business email compromise (BEC) meanwhile remains the most common attack type discovered by Barracuda’s security operations centre teams (36.4%), followed by ransomware (27.3%), malware infections (15.2%) and insider threats (12.1%).

Image credit: iStock.com/WhataWin

Related Articles

Not all cyber risk is created equal

The key to mitigating cyber exposure lies in preventing breaches before they happen.

How AI can help businesses manage their cyber risks

Artificial intelligence can be a powerful ally in the fight against cyberthreats.

Boosting software security with a binary approach

The discovery of a leaked access token earlier this year has shone a light on why the method we...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd