Info@NationalCyberSecurity
Info@NationalCyberSecurity

AI making ransomware easier, more prevalent, committee hears | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware


Artificial intelligence is making ransomware faster and easier to use as the online crime hits record levels, experts said at a House Financial Services subcommittee hearing on Tuesday. 

“We have tremendous concern about the future of AI and the direction it is allowing criminal actors to take, including more sophisticated deepfakes that ultimately form the first step in the chain of ransomware attacks,” Megan Stifel, chief strategy officer at the Institute for Security and Technology, said.

“Unfortunately, the stakes keep getting higher,” she said. 

As attackers have become more complex, and the barrier for entry into deploying ransomware gets lower, organizations are more frequently facing threats to the sensitive, personal data of their employees and customers, Stifel said. 

“As AI continues to grow more sophisticated, cyber criminals will harness these technological advancements to exploit the vulnerabilities of their victims,” Vice Chairwoman Young Kim (R-Calif.) said. 

According to crypto-tracking firm Chainalysis, ransomers stole away over $1 billion from U.S. organizations in 2023, the highest amount ever recorded, with a 70 percent increase in the number of victims from the year prior. 

“Small businesses and Main Street are getting hammered,” Rep. Roger Williams (R-Texas), said.

Jacqueline Koven, head of cyber threat intelligence at Chainalysis, said the frequency and severity of ransomware against U.S. organizations, especially financial institutions, reached what she called “an unprecedented milestone” in 2023. 

Ransomware gangs are now using sophisticated attacks to go “big game hunting,” with “as much as 75 percent of [ransom payments being] $1 million or more” in 2023, Koven said. 

Lawmakers on the subcommittee discussed measures like increasing resources available to federal law enforcement, offering tax credits for organizations that take preventative cybersecurity measures, making cybersecurity insurance more accessible and incentivizing the training of more cybersecurity and investigative personnel. 

“The cybersecurity workforce is obviously paramount to the safety and soundness of the U.S. economy,” Rep. Andy Barr (R-Ky.), said. 

“With AI and automation central to modern cyber defenses, it is critical we educate and train the cyber workforce of tomorrow,” Daniel Sergile, senior consulting director from Unit 42, a cyber crimes task force of Palo Alto Networks, said in his written statement to the committee. 

Though AI is enabling bad actors, it is also helping law enforcement and cybersecurity professionals track ransomers and craft more resilient defenses, Sergile said. 

“With tooling that has machine learning and artificial intelligence, we can absolutely keep pace and parity,” Sergile said. 

“Fighting fire with fire is simply the answer,” he said. 

Copyright 2024 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

——————————————————–


Click Here For The Original Source.

.........................

National Cyber Security

FREE
VIEW