Is Generative AI Fueling a Surge in Cloud Cyber Threats?

March 5, 2024

The rapid advancement of artificial intelligence (AI) is transforming the cybersecurity landscape, and generative AI (GenAI) technologies are at the forefront of this change. However, this transformation is not without its challenges. According to a report by CrowdStrike, the rise of GenAI has coincided with a significant increase in cyber threats, particularly against cloud infrastructures. One of the most troubling aspects of this trend is the use of stolen identity credentials, which are being enhanced by AI to mimic legitimate user behavior more convincingly. As a result, unauthorized access by cybercriminals is becoming more difficult to detect, leading to a 75% increase in cloud breaches and a 110% rise in cloud security incidents. In light of these findings, it is clear that new and evolved cybersecurity measures are urgently needed to protect against the novel threat of AI-powered cyberattacks.

The Exploitation of Stolen Credentials

Cybercriminals are increasingly focusing their efforts on acquiring digital identities of users with access to critical systems, rather than just looking for software vulnerabilities. This shift poses a significant risk for organizations, as stolen credentials can be used to navigate cloud environments with relative impunity. The involvement of GenAI in these attacks magnifies the risk, as it can potentially automate phishing campaigns and perform brute force attacks with a level of precision and efficiency previously unseen. As AI technology continues to advance, the cybersecurity community must anticipate a corresponding increase in both the frequency and complexity of these tactics.

Acceleration and Sophistication of Attacks

The report by CrowdStrike highlights not only an increase in the number of cyberattacks but also their growing sophistication. The average ‘breakout time’—the time it takes for an attacker to begin moving laterally within a network after initial intrusion—has decreased to 62 minutes, down from 84. Some attackers are capable of such lateral movements in as little as 2 minutes with the aid of AI. Furthermore, advanced tools are being deployed within 31 seconds of breaching a network, underscoring the rapid pace at which these AI-assisted attacks can unfold. A 60% increase in ‘hands-on-keyboard’ attacks indicates a trend towards a combination of AI-generated precision and human ingenuity in cyberattacks.

The emergence of GenAI as a transformative technology in cybersecurity is undeniable. However, its potential misuse by threat actors poses serious risks to cloud security. This evolving threat landscape necessitates a proactive and multifaceted approach to cybersecurity, including improved detection capabilities, the integration of threat intelligence, and proactive threat hunting. The conclusions drawn from CrowdStrike’s report are not just warnings; they are a call to action for the cybersecurity industry to adapt and respond intelligently to the growing threat posed by AI-driven cyberattacks.

Subscribe to our weekly news digest!

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for subscribing.
We'll be sending you our best soon.
Something went wrong, please try again later