Getty Images
Britain’s top intelligence agency said the threat from malicious cyber activity is likely to increase as nation states, financially motivated criminals and novices integrate artificial intelligence into their daily lives.
An assessment by the UK Government Communications Headquarters predicts that ransomware will become the biggest threat influenced by AI over the next two years. AI brings about changes that lower barriers to entry and allow new entrants to the criminal enterprise to proliferate. More experienced threat actors, such as nation states, commercial companies serving nation states, and financially motivated criminal groups, will also benefit as AI allows them to identify vulnerabilities and evade security defenses more efficiently. There is a possibility.
“The new use of AI in cyberattacks is evolutionary rather than revolutionary, meaning it enhances existing threats such as ransomware but does not transform the risk landscape in the short term,” GCHQ said. said Lindy Cameron, CEO of the National Cyber Security Center. Said. Prime Minister David Cameron and other British intelligence officials have said their country needs to strengthen its defenses to counter growing threats.
of evaluationThe paper, published Wednesday, focuses on the impact AI will have over the next two years. The likelihood that AI will increase the volume and impact of cyber-attacks over that period is said to be ‘almost certain’, GCHQ’s highest confidence rating. Other more specific predictions listed as almost certain include:
- AI improves reconnaissance and social engineering capabilities, making them more effective and harder to detect.
- Attacks against the UK will become more powerful as threat actors use AI to more quickly and effectively analyze leaked data and use it to train AI models.
- Commoditization of AI improvement capabilities of financially motivated state actors beyond the two-year threshold
- The trend of ransomware criminals and other types of threat actors already using AI will continue in 2025 and beyond.
Wednesday’s assessment said the area where AI will have the greatest impact is social engineering, especially for low-skilled actors.
“Generative AI (GenAI) can already be used to enable persuasive interactions with victims, including creating luring documents without translation, spelling, or grammatical errors that reveal phishing. ,” the intelligence official wrote. “This percentage is very likely to increase over the next two years as models evolve and become more popular.”
The assessment states, “By 2025, GenAI and large-scale language models (LLMs) will enable anyone, regardless of their level of cybersecurity understanding, to assess the authenticity of emails and password reset requests, and prevent phishing and spoofing. or attempts at social engineering. ”