New AI-Powered Ransomware Threat

The National Cyber Security Centre (NCSC) has recently issued a report highlighting the significant impact that Artificial Intelligence (AI) is expected to have on ransomware over the next few years. Very much in summary, the key findings of their assessment are as follows:

• Artificial intelligence (AI) will almost certainly increase the volume and heighten the impact of cyber-attacks over the next two years.
• The threat to 2025 comes from evolution and enhancement of existing tactics, techniques and procedures.
• All types of cyber threat actor are already using AI to varying degrees.
• AI provides capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient, and harder to detect.
• More sophisticated uses of AI in cyber operations are highly likely to be restricted to threat actors with access to quality training data, significant expertise (in both AI and cyber), and resources. More advanced uses are unlikely to be realised before 2025.
• AI will almost certainly make cyber-attacks against the UK more impactful because threat actors will be able to analyse exfiltrated data faster and more effectively, and use it to train AI models.
• AI lowers the barrier for novice cyber criminals, hackers-for-hire and hacktivists to carry out effective access and information gathering operations. This enhanced access will likely contribute to the global ransomware threat over the next two years.
• Moving towards 2025 and beyond, commoditisation of AI-enabled capability in criminal and commercial markets will almost certainly make improved capability available to cybercrime and state actors.