The number of reported ransomware attacks has doubled since last year, says cybersecurity company Barracuda.
Ahead of the Black Hat US conference in Las Vegas, the company issued a report on how the sudden AI boom has impacted security and ransomware cases in particular.
AI-powered automation, such as AI-enhanced phishing attacks, helped “drive ransomware to new heights as the frequency of ransomware attacks continues to climb with no sign of slowing down.”
Barracuda’s researchers analyzed 175 publicly-reported successful ransomware attacks, with a focus on municipalities, healthcare, and education. Attacks on these primary categories, according to the company, have doubled since last year and more than quadrupled since 2021.
“Municipalities and education continue to be soft targets because they are resource constrained, and successful healthcare and infrastructure attacks have an immediate and potentially severe impact on human lives, which cybercriminals try to exploit to increase the likelihood of getting paid,” researchers explained.
In many countries, at least one of those sectors is obliged to publicly disclose a cyber incident, making the impact more visible.
Based on the report, attacks on the aforementioned industries increased as follows:
Municipalities – from 12% to 21%;
Healthcare – from 12% to 18%;
Education – from 15% to 18%;
Infrastructure – from 8% to 10%
Ransomware attacks on software businesses, manufacturing, media, and retail have all gone up over the last year.
The rise of generative AI is partly responsible for the cyberattack boost since it reduces the skill required to start a ransomware attack.
“Using generative AI’s writing capabilities, cyberattackers – including those looking to launch ransomware – can now strike faster and with better accuracy, as the spelling errors and grammar issues in phishing emails are more easily eliminated, making attacks more evasive and convincing,” researchers noted.
Even people trained to spot email attacks might now fail to notice them because of improved grammar and spelling. Security experts also point to the fact that attackers trick AI into writing malicious codes, accelerating a cyberattack even further.
“With these changes, the skill required to start a ransomware attack could be reduced to constructing a malicious AI prompt and having access to ransomware-as-a-service tools, leading to a whole new wave of attacks,” Barracuda researchers said.
They also highlighted that the report focused only on the volume of publicly reported ransomware attacks. But one can be sure that unreported attacks have also increased “dramatically.”
Comments