With cyberattack velocities becoming more sophisticated, AI as a solution has become attractive. Ironically, it’s the rise in AI usage that has created an unforeseen threat landscape.
According to an April IMF report, the risk of extreme losses from cyber incidents is increasing. Such losses could potentially cause funding problems for companies and even jeopardize their solvency. The size of these extreme losses has more than quadrupled since 2017 to $2.5 billion. And indirect losses like reputational damage or security upgrades are substantially higher.
There is a dramatic increase in attack velocity, with the average breakout time down to only 62 minutes from 84 in the previous year (with the fastest recorded attack coming in at 2 minutes and 7 seconds). Once initial access was obtained, it took only 31 seconds for an adversary to drop initial discovery tools to compromise victims
According to the 2024 CrowdStrike Global Threat Report, there is a dramatic increase in attack velocity, with the average breakout time down to only 62 minutes from 84 in the previous year (with the fastest recorded attack coming in at 2 minutes and 7 seconds). Once initial access was obtained, it took only 31 seconds for an adversary to drop initial discovery tools to compromise victims.
There is a sharp increase in interactive intrusions and hands-on-keyboard activity (60%) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.
Read more: CrowdStrike incident a warning that diversity in Internet provider service a good idea
Also, adversaries turned their sights to the cloud through valid credentials – creating a challenge for defenders looking to differentiate between normal and malicious user behaviour. The report shows cloud intrusions increased by 75% overall with cloud-conscious cases amplifying by 110% Year-over-Year.
AI Investment will Rise with Cellular Networks, AVs & Smart Manufacturing
Meanwhile, a recent Juniper Research report predicted that as enterprises increasingly use cellular networks, including for smart manufacturing and autonomous vehicles, the need to invest into AI that automates key network processes will go up. The report shows that, as operators grow established 5G networks and create future 6G networks, AI will definitely figure in the equation. It recognized performance optimisation and network security as the most significant use cases, comprising more than 50% of global operator spend on AI by 2028.
Moreover, ever-increasing virtualisation of network functions and demand for cellular data will cause operators to apply AI to lessen operational costs. The ability to automate real-time network analysis and manage network conditions hence will be vital to diminishing network management and service provision costs.
As operators compete on the quality of their networks, AI will be essential to maximising the value of using a cellular network for connectivity. High-spending users will gravitate to those networks that can provide the best service conditions. — Research author Frederick Savage
Research author Frederick Savage said, “As operators compete on the quality of their networks, AI will be essential to maximising the value of using a cellular network for connectivity. High-spending users will gravitate to those networks that can provide the best service conditions.”
These use cases need differing degrees of high throughput, low latency and geographical coverage. Thus, to boost network competence and decrease operational cost, it would be good if operators sped up AI incorporation into core networks.
Exploitation of Generative AI is on the 2024 horizon
According to the 2024 CrowdStrike Global Threat Report, the exploitation of Generative AI is on the 2024 horizon. The report predicts that with more than 40 democratic elections scheduled in 2024, nation-state and eCrime adversaries will have numerous opportunities to disrupt the electoral process or sway voter opinion. Nation-state actors from China, Russia and Iran are highly likely to conduct mis-or disinformation operations to sow disruption against the backdrop of geo-conflicts and global elections.
Rapidly evolving adversary tradecraft homed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations. — Adam Meyers, head of Counter Adversary Operations, CrowdStrike
“Over the course of 2023, CrowdStrike observed unprecedented stealthy operations from brazen eCrime groups, sophisticated nation-state actors and hacktivists targeting businesses in every sector spanning the globe. Rapidly evolving adversary tradecraft homed in on both cloud and identity with unheard of speed, while threat groups continued to experiment with new technologies, like GenAI, to increase the success and tempo of their malicious operations,” said Adam Meyers, head of Counter Adversary Operations, CrowdStrike. “To defeat relentless adversaries, organizations must embrace a platform-approach, fueled by threat intelligence and hunting, to protect identity, prioritize cloud protection, and give comprehensive visibility into areas of enterprise risk.”
According to the 2024 CrowdStrike Global Threat Report, the average breakout time is now down to 62 minutes, with the fastest recorded attack being just over two minutes.
And who can rescue us from this predicament? You guessed it, AI.
Using AI to Advance Security
As modern attacks grow faster and more sophisticated, organizations are seeing the need for AI-powered security to gain organizational speed and automation required to stay protected and stop breaches.
In March, before the fiasco, CrowdStrike (NASDAQ: CRWD) tied up with NVIDIA to deliver NVIDIA’s AI computing services on the industry-leading AI-native CrowdStrike Falcon® XDR platform. Combining Falcon platform data with NVIDIA’s GPU-optimized AI pipelines and software, including new NVIDIA NIM microservices, puts custom and secure generative AI model creation in the hands of CrowdStrike and NVIDIA customers.
“Since our founding, CrowdStrike has pioneered the use of AI in cybersecurity. Our customers from all verticals, segments, and geographies are increasing adoption of AI/ML across their businesses, looking to generative AI for efficiency, speed, and innovation,” said George Kurtz, co-founder and CEO at CrowdStrike.
Cybersecurity is inherently a data problem — the more data that enterprises can process, the more events they can detect and address — George Kurtz, co-founder and CEO at CrowdStrike
“Cybersecurity is inherently a data problem — the more data that enterprises can process, the more events they can detect and address,” said Jensen Huang, founder and CEO of NVIDIA. “Pairing NVIDIA accelerated computing and generative AI with CrowdStrike cybersecurity can give enterprises unprecedented visibility into threats to help them better protect their businesses.”
Read more: CrowdStrike outage: Reasons, analysis & precautions
A report by cybersecurity platform Commvault states that AI is expected to be a major theme in 2024 with more than two-thirds (68%) of respondents indicating the technology will boost their security efforts by identifying and responding to threats more quickly and accurately.
In ways that respondents identified how AI could improve their organization’s security posture, include augmenting and automating employee training and security awareness, increasing efficiency by automating day-to-day operational processes associated with data protection, augmenting user authentication and access control, and augmenting compliance monitoring and reporting.
