Cybercriminals use AI for more sophisticated cyber attacks
MANILA -Cybercriminals are now using artificial intelligence (AI) to launch an even more sophisticated online assault that could infiltrate corporate network systems and disrupt business operations, according to cybersecurity firm Kaspersky.
Noushin Shabab, senior security researcher of Kaspersky’s Global Research and Analysis Team in Asia Pacific, said that AI could be used in lodging advanced persistent threats (APT), a cyberattack that seeks to obtain unauthorized access into a computer network and tends to avoid detection for an extended period.
The attacks are usually launched via emails, targeting employees of the organizations.
“Nowadays, APT actors combine sophisticated techniques to evade detection and stealthy methods to maintain persistence. New AI developments can be of assistance to cybercriminals from reconnaissance stage to data exfiltration,” Shabab said.
During the reconnaissance stage, perpetrators identify vulnerable targets and study their plan of attack. The Kaspersky researcher said that “AI can help actors find and understand potential targets by automating the analysis of data from various sources such as online databases and social media platforms.”
Data exfiltration, meanwhile, is the process of stealing data. Shabab explained that AI can help cyberhackers analyze network traffic patterns to blend in and avoid detection, which is crucial to the success of the digital attack.
Article continues after this advertisementKaspersky advised companies to conduct regular software updates to mitigate potential system vulnerabilities.
Article continues after this advertisementIn addition, the company reminded organizations to train employees on cybersecurity best practices.
Last year, Kaspersky detected more than 304,000 ransomware attacks targeting businesses in the Southeast Asian region. About 21,000 of these were in the Philippines.
Ransomware refers to a cybersecurity attack where hackers penetrate a system to obtain sensitive information for it to be held hostage. It will be released once ransom is paid.
The disruption in operations caused by such cyberattacks is detrimental to the business due to spending related to retrieval of their data or system, in addition to opportunity costs because of the down time.