Organized cybercriminals continue to give artificial intelligence (AI) the cold shoulder. New research from US telecoms conglomerate Verizon confirms a report in November from cybersecurity firm Sophos revealing that cybercriminals judged AI to be “overrated, overhyped and redundant.”
According to Verizon’s 2024 Data Breach Investigations Report: “We did keep an eye out for any indications of the use of the emerging field of generative artificial intelligence (GenAI) in attacks and the potential effects of those technologies, but nothing materialized in the incident data we collected globally…The number of mentions of GenAI terms alongside traditional attack types and vectors such as “phishing,” “malware,” “vulnerability,” and “ransomware” was shockingly low, barely breaching 100 cumulative mentions over the past two years.”
Verizon argues that phishing attacks need not be more sophisticated to succeed against their targets. Existing malware, such as Ransomware, also does not seem to be lacking in effectiveness, and threat actors already have a healthy supply of zero-day vulnerabilities to enable initial infiltration into an organization. Verizon does, however, add that an exception to this trend appears to be the use of deepfake technology to defraud victims.
As we reported in February, AI tools such as face swaps are now being used in Mission Impossible-style cyber-enabled financial crimes, such as the attack reported by the South China Morning Post, where criminals defrauded a multinational Hong Kong firm of HK$200 million (US$26 million) by using deepfake video technology to impersonate the organization’s chief financial officer (CFO) and other members of staff.
However, the report also highlights a 180 percent year-on-year increase in exploiting pre-identified ‘zero-day’ gaps in organizations’ cyber defenses. Verizon also reports that these attacks are being primarily leveraged by ransomware gangs and other extortion-related threat actors.
“Roughly one-third of all breaches involved ransomware or some other extortion technique. Pure extortion attacks have risen over the past year and are now a component of nine percent of all breaches,” says Verizon.
This further evidences Google subsidiary Mandiant’s M-Trends 2024 Special Report, which recently reported that the proportion of financially motivated intrusions grew from more than a quarter of all investigations (26 percent) in 2022 to over a third (36 percent) in 2023.
