Are threats turning the table on the effective use of technology?

If business and their risk managers were not aware of the threat that can be posed by the increasing reliance in technology,  this week will have served as a stark reminder.

The headline issue has been the revelation that Russian hackers have breached 632,000 Department of Justice and Pentagon email addresses as part of the MOVEit cyberattack.

The Russian hackers have it seemed exploited a weakness in the hackers targeted weaknesses in the file transfer software MOVEit file transfer software which is used by a number of UK government agencies.

While the attack was carried out in late May it was not until this week that the event was publicly announced. The breaches have been blamed on the Russian-speaking ransomware group CLoP, which has taken credit for other hacks involving MOVEit.

It has promoted warnings to business that they need to ensure that their systems have the necessary protection.

However a study issued this week went to highlight that  CEO and chief information security officers (CISO) are unaware of how the use of artificial intelligence is increasing the sophistication of attacks.

The research by  cybersecurity consultancy, Gemserv, found that the cyber threat landscape is expected to become increasingly volatile, further exacerbated by this year’s geopolitical tensions.

It revealed 38% of respondents anticipate a significant increase in cyberattacks utilising deep fake AI technologies over the next five years, with an additional 45% expecting a moderate rise. In total, 83% of respondents  said they believe that generative AI will play a more prominent role in cyberattacks. However, just 16% of respondents consider their organisations to have an excellent understanding of these advanced AI tools.

In all 69% of organisations lack access to either the necessary tooling or cyber threat intelligence, with 8% having neither. It found 78% of CISOs believe the cyber threat landscape will become more complex and challenging over the next 12 months.

A significant 83% of CISOs expect to see more cyber-attacks using generative AI tools.

In the run up to the UK’s hoisting of a global AI risk summit this week the country’s

UK’s secretary of state for Science, Innovation and Technology, Michelle Donelan

Said the world need to take a united approach to the risks that AI can pose and recognise that there will be considerable nuances needed.

“We cannot ignore or dismiss the countless experts who tell us plain and simple that there are risks of humans losing control, that some model outputs could become completely unpredictable and that the societal impacts of AI advances could seriously disrupt safety and security here at home,” she explained. “The Summit will be a moment where we move this discussion forward from the speculative and philosophical. To the scientific and empirical.

“AI is not some phenomenon that is happening to us, it is a force we have the power to shape and direct. I believe we have a responsibility to act now.”

Governments have been told to act now, and businesses will want to do the same. The question is while there is a will is there a way that businesses can protect themselves from a threat in which the playing field, and the rules, are being constantly redrawn?

Jon Guy, Editor,

Emerging Risks