The prevalence of AI tools in the public domain is contributing to a large increase in ransomware attacks, a new report has claimed.
Security firm Barracuda has found that between August 2022 and July 2023, ransomware attacks have doubled. And what has drove this surge is the breaching of networks via AI-crafted phishing campaigns, as well as automating attacks to increase reach, again using AI.
The firm claims that, despite, "the enduring success of traditional attack methods throughout 2023 and beyond, attackers will look to generative AI to craft increasingly effective attacks."
Popular targets
Infrastructure-related industries also experienced more than twice the number of ransomware attacks compared to last year. However, municipality, education and healthcare remain the most targeted sectors.
Barracuda believes that the first two are "soft targets" as they are "resource constrained." It also noted that some sectors are legally obligated in their countries to report cybersecurity incidents, making them more visible in the data.
In breaking down the year-on-year increase by sector, "attacks on municipalities increased from 12% to 21%; attacks on healthcare increased from 12% to 18%; attacks on education went up from 15% to 18%; and infrastructure went from 8% to 10%."
Interestingly, attacks on financial institutions dropped from 6% to 1%, which Barracuda suggests is due to their possible improvements in their security posture.
Other industries also demonstrated "similar patterns of escalation over the past two years, even though the volume of publicly reported attacks is lower than the top three sectors."
Of these other industries, software businesses were the most popular target and saw a significant increase in ransomware attacks year-on-year. Again, Barracuda posits that this is because such attacks can disrupt the supply chain, and therefore act as a launchpad for further attacks on other industries.
Manufacturing, media and retail industries have also seen an increase in ransomware attacks over the past 12 months.
Fleming Shi, CTO at Barracuda, commented that, “Recent advances in generative AI will only help ransomware gangs increase the rate of attack with more effective cyber weapons."
They added, "That’s why it’s essential for organizations to have tools in place to detect and prevent attacks, but also to be resilient and prepared to recover from an attack.”
- This is the best endpoint protection to keep your firm safe
