The UK’s National Cyber Security Centre (NCSC) has warned artificial intelligence (AI) will increase the threat of ransomware globally over the next two years.
In a report titled The near-term impact of AI on the cyber threat assessment, organizations and individuals have been encouraged to recognize the situation and take preventative measures.
NCSC – part of GCHQ (similar to America’s NSA), the United Kingdom’s intelligence, security, and cybersecurity agency – takes the position that AI will almost certainly contribute directly to the increase in quantity and impact of cyber attacks moving forward.
The study found cyber criminals and hackers, operating at a lower level of competence, can effectively piggyback on the advances of AI to penetrate further in terms of their operations. This includes improved targeting of victims, adding to the threat of ransomware which was pinpointed as the most acute threat to businesses and groups in the UK.
Crucially, AI is likely to make the discovery of vulnerable devices easier reflecting the gains to be made by threat actors.
James Babbage, Director General for Threats at UK’s National Crime Agency, highlighted the dangers of ransomware as a national security threat, which will be exacerbated by advancements in AI:
“AI services lower barriers to entry, increasing the number of cybercriminals, and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.”
UK cyber threat response
In response to the threat, the British government has pumped £2.6 billion as part of its Cyber Security Strategy to increase its resilience to hostile acts, whilst NCSC and private industry are already returning the serve with AI, to enhance cyber security defenses via improved threat detection and security-by-design.
NCSC CEO Lindy Cameron commented on the risk and reward situation presented by AI:
“The emergent use of AI in cyber attacks is evolutionary, not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term. As the NCSC does all it can to ensure AI systems are secure by design, we urge organizations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defenses and boost their resilience to cyber attacks.”
Image: Dall-E