AI will increase global ransomware threat, UK cyber security chiefs warn
29 January 2024, 09:24
The National Cyber Security Agency has released a new report warning that AI will help cyber criminals launch attacks more easily.
The rise of artificial intelligence (AI) will enhance the threat posed by ransomware over the coming years, the UK’s cyber security agency has warned.
A new report from the National Cyber Security Centre (NCSC) – which is a part of GCHQ – said the technology is lowering the barrier of entry to novice cyber criminals.
As a result, AI is enabling unskilled online actors to carry out more effective cyber attacks, the report says.
The NCSC also warned that bad actors are using AI to better find and target victims, with its report concluding that the technology is already being used in what it called malicious cyber activity, and said it believed this will almost certainly increase the volume and impact of cyber attacks, including ransomware, in the near term.
The agency has previously identified ransomware as the biggest cyber threat facing the UK.
It involves hackers gaining access to a user’s system and then either stealing or locking access to files using encryption, demanding a ransom to return the data.
The NCSC said analysis from the National Crime Agency (NCA) suggests that cyber criminals have already started to develop criminal versions of generative AI models, making better hacking tools available to anyone willing to pay.
NCSC chief executive Lindy Cameron said: “We must ensure that we both harness AI technology for its vast potential and manage its risks – including its implications on the cyber threat.
“The emergent use of AI in cyber attacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term.
“As the NCSC does all it can to ensure AI systems are secure by design, we urge organisations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defences and boost their resilience to cyber attacks.”
The warning comes after the Government, in partnership with the NCSC and other industry figures, published new guidance for business leaders on boosting their cyber security protections by asking them to treat the issue in the same way they would any other vital business or financial issue.
James Babbage, director-general for threats at the NCA, said: “Ransomware continues to be a national security threat.
“As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cyber criminals.
“AI services lower barriers to entry, increasing the number of cyber criminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods.
“Fraud and child sexual abuse are also particularly likely to be affected.
“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of generative AI and ensuring we adopt the technology ourselves where safe and effective.”
