How Cybercriminals are exploiting AI tools and what businesses can do to defend themselves
ChatGPT was launched in November 2022 by OpenAI, an AI and research company. It is an AI-based tool that is programmed with endless amounts of text and data and allows the user to have human-like conversations and more, just like a chatbot. It can provide data and answers to questions using human writing patterns. It is able to understand context and relevancy. While it performs best using the English language, it knows at least 95 natural languages and a range of programming and code languages such as Python and JavaScript
While ChatGPT has many useful applications, it is a powerful tool for cybercriminals looking to improve the scale and effectiveness of their cyberattacks — easily spelling disaster for a business’s cybersecurity defense. While ChatGPT has not enabled any new adversarial techniques, it enables the criminal to develop attacks in a better, faster fashion with more automation. This allows unskilled criminals to get in the game.
Recently, James Slaby, Director, Business Solutions Marketing and Irina Artioli, Cyber Protection Evangelist — both from Acronis — hosted a webinar entitled “Defending Your Business against AI-Supercharged Ransomware.” Here they discuss the ways cybercriminals are exploiting ChatGPT and other AI tools to develop more effective ransomware attacks. They also present a 12-step plan that businesses can use to improve their active defenses against these ransomware attacks — both conventional and AI-enabled.
Slaby kicks off the webinar by providing an overview of the 2022 cyber threat environment. Here, he discusses how:
- Ransomware is the #1 threat that businesses face, regardless of size. That’s right, cybercriminals are equal opportunity thieves. Every business of every size in every industry in every country is at risk. Many small-to-medium business (SMB) owners don’t believe that mostly because the attacks on Global 2000 enterprise organizations grab the headlines. What they may not know is that according to the U.S. Justice Department, 75% of attacks target SMBs and often go unnoticed by the media.
- To make matters worse, ransomware attack vectors are expanding as well. In fact, over 90% of successful cyberattacks occur when someone clicks on a link in a spear phishing email.
- The rapid move to remote work resulted in a mass movement to using remote tools, which exposed vulnerabilities in remote apps.
- Tech supply chain attacks are also on the risk. These attacks can distribute embedded malware to tens of thousands of customers at once.
- The move SMBs have made to the cloud exposed their inexperience in managing those environments. Misconfigured cloud services are exposing vulnerabilities.
- The volume of insider threats is getting more insidious as cybercriminals try to bribe your employees to open a back door, making your company vulnerable to an attack
- Ransomware is no longer just about encryption as cybercriminals are adding double and triple attacks to the mix. They will also exfiltrate your data and threaten to leak it if you do not pay. They will also contact your customers/partners and tell them that their data is leaked as well.
Artioli goes into greater detail on each of the above issues and then Slaby and Artioli unfold a 12-step plan that every business can follow to mitigate the threat of ransomware attacks.
Every cybersecurity professional needs to view this on-demand webinar as ChatGPT and AI tools like it will be changing the landscape. All businesses need to be armed with the best techniques and information to mitigate the risk of ransomware attacks.
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.