As the power of AI has advanced, it has become a double-edged sword for enterprises. Despite the mounting security risk and increasing number of data protection incidents, enterprises are adopting AI tools in large numbers. While AI offers immense potential for innovation and efficiency, it also brings forth a new set of risks that organizations must grapple with, namely, risks associated with leveraging GenAI tools within the enterprise and an evolving landscape of AI-assisted threats.
Last July, WazirX lost $235 million in cryptocurrency consisting of over 200 different assets, including ~96.7 million of Shiba Inu, ~$52.6 million of Ether, ~$11 million of Matic, and ~$7.6 million of Pepe. According to cybersecurity firm CYFIRMA, the Lazarus Group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), a primary intelligence service, has been identified as the mastermind of the attack.
The attacks were carried out by two subgroups of the Lazarus Group, namely APT38 and Blue Noroff. Lazarus mainly targets crypto exchanges and financial institutions worldwide. In 2017 and 2018, Bithumb, one of South Korea’s largest cryptocurrency exchanges, suffered multiple hacks attributed to the Lazarus Group, resulting in millions of dollars in stolen cryptocurrency. In 2017, Youbit, a South Korean cryptocurrency exchange, declared bankruptcy after a hack attributed to the same Lazarus Group resulted in the loss of 17% of its assets.
Kumar Ritesh, CEO & Founder, Cyfirma, says, “Heists have been ongoing for several years, with notable attacks occurring since at least 2017. Significant heists have occurred in various countries, including South Korea, Japan, the United States, and others. The frequency of these attacks can vary, but they often occur in waves. The primary motivation is to generate revenue for the North Korean regime. The stolen cryptocurrency is used to fund the country’s weapons programs and to evade international sanctions.”
As usage of GenAI tools within enterprises increases, they face significant risks to the protection of intellectual property and non-public information, chiefly the risk of data leakage. Another area is AI application data privacy and security risk, which includes an expanded attack surface, new threat delivery vectors, and increased supply chain risk. Data quality is a further concern: the principle of “garbage in, garbage out” applies, as does the potential for data poisoning.
Simultaneously, enterprises are constantly exposed to a barrage of cyberthreats, some of which are now AI-driven. The possibilities of AI-assisted threats are virtually limitless, as attackers can leverage AI to orchestrate sophisticated phishing and social engineering campaigns, develop highly evasive malware and ransomware, exploit vulnerabilities in enterprise attack surfaces, and amplify attacks’ speed, scale, and diversity. To address this challenge, enterprises and cybersecurity leaders must effectively navigate the rapidly evolving AI landscape to harness its revolutionary potential while also mitigating the risks and defending against AI-powered attacks.
“India leading the charge in APAC when it comes to AI usage is a clear indication of the country’s unwavering commitment to leveraging technology to drive innovation and positive change. As we strive towards the transformative ‘Viksit Bharat vision by 2047,’ AI emerges as a powerful force, infusing intelligence into every facet of our society,” said Sudip Banerjee, CTO, Asia Pacific & Japan at Zscaler.
“However, there is an escalation in AI-powered threats which underscores the importance of ensuring our data is being well protected against these emerging attacks. It has become more imperative now than ever before to adopt a zero-trust approach when integrating new technologies into our processes.”
According to Zscaler, Inc.’s 2024 AI Security Report, Indian enterprises are leading APAC markets when it comes to AI/ML usage. Such usage underscores the need for better data security.
This is why more and more tie-ups are occurring between IT and AI. For example, in May 2024, CrowdStrike and Tata Consultancy Services (TCS) tied up to power TCS’ extended managed detection and response (XMDR) services with the AI-native CrowdStrike Falcon® XDR platform. Such partnerships leverage AI-powered SOC transformation that stops breaches.
“As the attack surface evolves, enterprises must secure their digital core with robust cybersecurity to grow and innovate,” said Ganesa Subramanian Vaikuntam, vice president and Global Head, Cybersecurity Business Group, TCS.
According to Zscaler’s ThreatLabz 2024 Ransomware Report, India recorded the second highest volume of ransomware attacks in APAC and ranks as the ninth most targeted country globally for ransomware attacks. The rapid adoption of AI and machine learning (ML) makes India a prime target for sophisticated cyberattacks, including AI-powered ransomware. Globally, ransomware attacks have already seen a significant 18% increase year over year. Manufacturing is the most targeted sector (28.89%), followed by telecommunications, technology, pharmaceutical, and financial services.
“Ransomware defense remains a top priority for CISOs in 2024. The increasing use of ransomware-as-a-service models, along with numerous zero-day attacks on legacy systems, a rise in vishing attacks and the emergence of AI-powered attacks, has led to record-breaking ransom payments,” said Deepen Desai, Chief Security Officer at Zscaler. “Organizations must prioritize Zero Trust architecture to strengthen their security posture against ransomware attacks.”
In the modern workplace in which cloud-based apps are the norm, browsers serve as the gateway to sensitive data and are prime targets for cyber threats. From phishing attacks to malware downloads and data exfiltration, the risks continue to rise. In fact, in the recent Zscaler ThreatLabz 2024 Phishing Report, the research team found a 60% increase in AI-powered phishing attacks due to a rapidly evolving threat landscape. Adopting a zero-trust architecture coupled with Google Chrome Enterprise Premium offers users the most secure enterprise browsing.
As the velocity and sophistication of today’s cyberattacks continue to increase, organizations need outcome-based security protection focused on stopping breaches. With cloud intrusions growing 75% in the past year, breakout times now measured in minutes, and the growing cybersecurity skills gap, managed security solutions serve as the force multiplier customers need to protect their critical assets and securely drive digital transformation initiatives.