According to the latest Microsoft Digital Defense Report, in the period from July 2023 to July 2024, there were 600 million cyber-attacks around the world every day. In the UK this translates to a new cyber-attack on businesses of every size every 44 seconds and a cost to the nation of around £27 billion annually. However, many businesses are now responding to cyber threats by implementing AI in their security systems. Here we look at how AI can bolster cybersecurity efforts by detecting threats, responding to attacks, and identifying vulnerabilities.
The scale of the problem
The statistics for cybercrime are astonishing.
- In 2024 there were 7.78 million cyber-attacks on UK business
- 50% of businesses have experienced a cyber-attack
- The average cost of a cyber-attack on a UK business was £10,830.
Yet despite this:
- Only 31% of businesses undertook a cyber risk assessment
- Only 15% of businesses have a formal cybersecurity incident management plan
- Only 3% of UK businesses adhere to the Cyber Essentials scheme.
What are the threats?
Phishing: a 2024 study by Vodaphone found that phishing had increased by 60% worldwide over the previous 12 months, with over 80% of these attacks originating via email. Phishing attacks try to gain sensitive information or install a malicious file by pretending to be something or someone that they are not. Over £3.85 million was lost to UK businesses as a result of phishing in 2023 but the hidden costs can include a loss of data (customers’, employees’, and commercial partners’), potential fines and penalties for data breaches, and a loss of trust and credibility.
Ransomware: as Synnovis, a provider of pathology services to the NHS, discovered last year, ransomware can have a devastating effect, not only on the organisation targeted but also on those it supplies services to, especially when it involves medically vulnerable people. Ransomware attacks increased by 70% in the UK last year and can have a devastating effect on an organisation, leaving it unable to access its systems or data unless substantial amounts of money are paid.
DDoS: distributed denial-of-service attacks, which attempt to overload a network or its associated websites to limit or prevent access to it, increased by 25% in the last half of 2024. DDos attacks originate from multiple sources, making detection difficult. They can result in loss of sales, a workforce that’s unable to work, and potential loss of system integrity and data and can have severe repercussions if government departments, healthcare providers or financial services organisations are targeted.
How can AI assist in the cyber fight?
The Bletchley Declaration which was signed by countries from around the world attending the AI Safety Summit in 2023 noted that despite the risks presented by malicious parties who use AI for nefarious purposes, it also offered positive opportunities to leverage the technology in cyber security.
AI can be used to fight cybercrime in the following ways:
Detecting threats – creating a threat detection system can be challenging because of the constantly evolving nature of attack techniques. By using machine learning algorithms, organisations can continually analyse data and identify threat pattern anomalies and potential breaches of security. AI can also be used to monitor networks for suspicious behaviour and activities in real-time.
Identifying vulnerabilities – AI is capable of automatic scanning which can identify vulnerabilities, assess the threat, implement a risk assessment to evaluate its potential severity and protect against threats such as malware, ransomware and phishing.
Responding to attacks – by using an automated AI system, organisations can respond quickly to attacks so they can isolate systems and deal with threats as required.
What else can be done?
Organisations should ensure that they perform continuous monitoring to detect intrusions and protect endpoints. An incident response plan should be in place to identify what procedures should be taken in the event of a cyber attack and should include four stages: pre-incident, response, recovery and review. In addition, employees should be rigorously trained to recognise cyber-attacks in all their forms and respond appropriately.
Utilising AI to counteract threats from cyber criminals can be a powerful tool in an organisation’s IT armoury. As the sophistication of attacks increases AI has the potential to help organisations respond more efficiently and effectively to minimise disruption, protect valuable information, and increase security.
If you’d like more information about any of the issues discussed here contact us.
COMMENTS