A recent study by Bridewell, a cyber security services firm, indicates that 76% of the UK’s critical national infrastructure (CNI) organisations have pinpointed the utilisation of AI in fostering cyber threats as a pressing security issue. This notable rise in apprehension concerning how cybercriminals employ AI is brought to light through Bridewell’s fresh research, which surveyed 521 personnel responsible for cyber security across various UK CNI sectors including civil aviation, telecommunications, energy, transport, media, financial services, and water supply.
The study reveals that 78% of participants express concerns regarding AI-powered phishing attacks, where criminals leverage AI to significantly enhance the precision and wording of their email baits on a large scale. Additionally, criminals can utilise AI to complement basic coding skills, thus lowering the barrier to entry for exploits and elevating the sophistication of their malware. Consequently, 78% of respondents also harbour apprehensions about:
- Adaptive AI cyber attacks that continually refine their strategies
- AI-driven exploit development
- Automated hacking facilitated by AI
All the AI-driven threats highlighted in the research are concerning to over 70% of participants, including polymorphic malware, which mutates with each infection, a concern expressed by 73% of respondents.
The research also investigates how CNI organisations are leveraging AI to counter the escalating use of AI by cybercriminal groups. Currently, AI-driven exploits or methodologies are not as powerful as traditional cyber tactics, and businesses can employ AI-focused tools to safeguard their systems and infrastructure. With its ability to swiftly analyse extensive datasets, AI can serve as a valuable asset in identifying malicious activities within a system or network, detecting anomalies, and recognising suspicious behaviour.
The study shows that the current implementation of AI in cyber defences is in its infancy. Less than three-in-ten organisations of the respondents utilise AI-powered threat intelligence platforms (29%), AI-driven data-loss prevention (28%), AI-enhanced endpoint protection (27%), or AI-based phishing detection and prevention (27%). Nonetheless, almost all organisations (94%) employ some form of AI tools, a trend expected to gain momentum as cyber threats escalate and grow more sophisticated.
“While we are at the early stages of AI-driven cyber attacks, concern among CNI organisations is not unfounded as the technology presents itself as a future threat,” said Martin Riley, Director of Managed Security Services at Bridewell. “Businesses can prepare for the impending AI arms race by incorporating the technology into their cyber defence strategies. AI can be a force for good by helping CNI organisations to enhance threat intelligence capabilities and accelerate detection and response strategies.”
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
