Darktrace has announced new data that shows attackers are continuing to increase their use of generative AI tools to make their attacks more potent. It also showcases that IT security experts are aware of the threat of AI-augmented attacks but remain unprepared.
The new research based on a survey of 1,773 IT professionals and data from across Darktrace’s large customer base shows:
- 89% of IT security experts believe AI-augmented cyber threats will have a significant impact on their organisation within the next two years.
- Yet, 60% believe they are currently unprepared to defend against these attacks.
- Darktrace customers received 2,867,000 phishing emails in December alone, a 14% increase on September, highlighting a continued increase.
- ‘Novel social engineering’ attacks – phishing attacks that use more sophisticated language and punctuation than a typical phishing email – grew by 35% between September and December 2023.
- This follows a 135% increase, on average, in these attacks in January and February last year, coinciding with the general adoption of ChatGPT.
IT security teams two greatest concerns, both rated as 3.84 by respondents, on a 1-5 scale of risk are:
- Increased volume and sophistication of malware attacks – like those delivered by phishing emails – that target known vulnerabilities in software.
- Employee use of generative AI tools, leading to sensitive data being leaked.
The ongoing rise in sophisticated phishing techniques suggests attackers are continuing to increase their use of generative AI tools to make their attacks more potent.
AI threats have become a critical priority on the agendas of security teams, and the research results clearly show they are questioning whether their organisations are prepared and how to get prepared.
The growing adoption of AI adds to the impact automation and as-a-service attacks are already having on the threats organisations face. The Darktrace threat report, released in January, showed that as-a-service attacks, which provide cybercriminals with everything from pre-made malware to templates for phishing emails, payment processing systems and even helplines, make up the majority of attacks.
Commenting on the cyber security landscape, Poppy Gustafsson, said: “We continue to see the cyber-crime landscape evolve rapidly in a challenging geopolitical environment and as the availability of generative AI tools lowers the barrier to entry for hostile actors. Against this backdrop and in the period ahead, we are preparing to roll out enhanced market and product positioning to better demonstrate how our unique AI can help organisations to address novel threats across their entire technology footprint.”
Read a blog post by Max Heinemeyer, Chief Product Officer at Darktrace, detailing the research findings.