UK companies must be on data security red alert over a fresh wave of malicious cyber attacks, particularly ransomware demands, with the rise of AI systems lowering the entry barrier to less skilled cyber criminals, including hackers-for-hire and hacktivists.
That is the stark warning issued by the UK’s National Cyber Security Centre, part of GCHQ, in a new report that concludes AI is already being used in malicious cyber activity and will almost certainly increase the volume and impact of cyber attacks in the near term.
Among other conclusions, the report suggests that by lowering the barrier of entry to novice cyber criminals, AI enables relatively unskilled “threat actors” to carry out more effective access and information-gathering operations.
This enhanced access, combined with the improved targeting of victims afforded by AI, will contribute to the heightened global ransomware threat in the next two years, the NCSC warns.
Ransomware continues to be the most acute cyber threat facing UK organisations and businesses, with cyber criminals adapting their business models to gain efficiencies and maximise profits.
Most ransomware incidents result from cyber criminals exploiting poor cyber hygiene rather than sophisticated attack techniques and, as brands from Royal Mail to KFC have discovered, attacks can last for weeks and be highly damaging. Others, including British Airways, Boots and the BBC, have been hit by attacks on third-party providers.
To tackle this enhanced threat, the Government says it has invested £2.6bn under its Cyber Security Strategy to improve the UK’s resilience, with the NCSC and private industry already using AI to enhance cyber security resilience through improved threat detection and security-by-design.
The Bletchley Declaration, agreed at the AI Safety Summit at Bletchley Park in November, also announced a first-of-its-kind global effort to manage the risks of frontier AI and ensure its safe and responsible development.
In the UK alone, official figures show the AI sector already employs 50,000 people and contributes £3.7bn to the economy, with the Government dedicated to ensuring the national economy and jobs market evolve with technology as set out under the Prime Minister’s five priorities.
NCSC CEO Lindy Cameron said: “We must ensure that we both harness AI technology for its vast potential and manage its risks – including its implications on the cyber threat.
“The emergent use of AI in cyber attacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term.
“As the NCSC does all it can to ensure AI systems are secure-by-design, we urge organisations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defences and boost their resilience to cyber attacks.”
Analysis from the NCA suggests that cyber criminals have already started to develop criminal generative AI (GenAI) and to offer ‘GenAI-as-a-service’, making improved capability available to anyone willing to pay.
Yet, as the NCSC’s new report makes clear, the effectiveness of GenAI models will be constrained by both the quantity and quality of data on which they are trained.
The growing commoditisation of AI-enabled capability mirrors warnings from a report jointly published by the National Crime Agency and the NCSC in September 2023, which described the professionalising of the ransomware ecosystem and a shift towards the “ransomware-as-a-service” model.
According to the NCA, it is unlikely that in 2024 another method of cyber crime will replace ransomware due to the financial rewards and its established business model.
NCA director general for threats James Babbage said: “Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cyber criminals.
“AI services lower barriers to entry, increasing the number of cyber criminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.
“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of GenAI and ensuring we adopt the technology ourselves where safe and effective.”