AI-enabled attacks are major threat for cybersecurity professionals, CyberArk report reveals

The majority of security decision-makers fear AI-enabled attacks in 2023, according to a new study by CyberArk.

Of the 2,300 respondents, a total of 99% also expect to suffer identity-related compromise, two-thirds believe layoffs and workforce churn will create new cybersecurity issues, as well as 93% anticipating AI-enabled attacks this year.

The global CyberArk 2023 Identity Security Threat Landscape report highlighted the evolution of AI and it’s potential to influence the growth of identity-led cyber compromises.

More than half of respondents (58%) believe identity-related compromise will be caused by digital transformation initiatives like cloud adoption or legacy app migration. Experts in cybersecurity said that generative AI will facilitate cybercriminal activity as it becomes more advanced.

Identity-based attacks occur when cybercriminals target the computer system, network, or account to retrieve a victim’s personal information for illegal or malicious activities. This can lead to impersonation attacks where threat actors use the personal information to collect more sensitive data, steal money, or ruin the target’s reputation.

The Co-founder and Executive Chair of CyberArk, Udi Mokady, said the surge in human and machine identities enabled through digital transformation and cloud migration has opened the doors to attackers’ innovative techniques.

AI creates new attack surfaces

Professor Isaac Ben-Israel, Director of Blavatnik Interdisciplinary Cyber Research Center at Tel Aviv University, said that we should be better prepared for generative AI by steering greater cooperation and openness between tech giants and security organisations.

AI has the potential to act as a ‘force multiplier’ for cyberattacks and endanger resilient organisations across public and private sectors, as the pressure to adopt these technologies increases. This rush to embed AI could create new attack surfaces fir threat actors.

“Cybercriminals have the ability to utilise and access such AI tools such as ChatGPT for personal gain or malicious behavior. We have witnessed more than 100,000 ChatGPT accounts being stolen and sold over the Dark Web,” said David Warshavski, Vice President of Enterprise Security at Sygnia.

Warshavski advised companies to educate the employees and set expectations for AI adoption since there are no guardrails on ChatGPT.

“The cybersecurity vendors will leverage this technology to close the skill gap that is plaguing the industry, but it will take time before such technologies are fully deployed,” he added.

The survey stressed that abusing credentials to compromise identities are the most common origin of breaches and where cybersecurity professionals have significant challenges in protecting. Respondents note that AI will only fuel the fire to this battle via chatbot security vulnerabilities or AI-powered credential compromise.

CyberArk’s report highlights that the prospect of AI-enabled threats are top-of-mind for security professionals, with greater than nine out of ten expecting AI to drive negative cyber impact in 2023, and 62% say employees use unapproved AI-enabled tools that can increase security risk.

An issue of trust

Any identity could be compromised and used to unlock higher levels of privileges to access critical assets.

Human and machine identities are growing at a rate of 2.4x, increasing the risk of faults. Nearly half of respondents (45%) say that machine identities will have access to corporate sensitive data, meanwhile 74% of respondents are concerned about confidential information loss stemming from employees, ex-employees and third-party vendors.

It was discovered that 63% percent of security decision-makers admit that the highest-sensitivity access for employees in their organisation is not adequately secured, which includes IT admins and other privileged user accounts. A significant number of respondents (68%) noted that organisational turmoil in the shape of sudden and widespread layoffs may aggravate this problem, introducing new security issue with each rehiring of an employee.

CyberArk has assured customers that there is a safe and surmountable path forward for proactive organisations.

“We believe that by placing identity at the heart of a Zero Trust cybersecurity approach, following a risk-based strategy to secure critical assets and leaning on the expertise of trusted partners, organisations will be best positioned to weather the current storm,” said Clarence Hinton, the Chief Strategy Officer of CyberArk.

A ‘trust nothing, verify everything’ approach has the potential to protect a broader range of human and machine identities.

Just over half of the respondents (51%) look to trusted cybersecurity vendors to help design and forecast solutions for future cyber risk. CyberArk noted that 59% say they would not be able to protect against an attack stemming from a successful cyber compromise of a software supply chain provider.

Protecting against AI-enabled attacks

With cybercrime and cyber-related damages projected to reach an annual cost of £8.1 trillion ($10.5 trillion) by 2025, cybersecurity professionals must wrestle with complex IT environments and exponential identity growth to protect businesses.

One in three UK businesses faced cyber attacks last year, increasing the need for greater investment in cybersecurity. But cloud and digital initiatives, incuding automation, cloud services, and DevOps, will outpace cybersecurity spend. This is dubbed ‘cyber debt’, which can expand identity-centric attack surfaces.

On average, 75 SaaS applications are used by companies, and this number is expected to increase by 68% within the next 12 months. This can lead to even greater cyber compromise.

Converging global events and risks like climate change, supply chain issues, economic turmoil, and rapid technology evolution has also caused a sharp decline in spending and the imbalanced ‘cyber debt’. This reportedly has resulted in a business reset of everything from strategy to staffing.

Nonetheless, 69% of organisations are moving ahead with planned cybersecurity measures this year.

Companies are expanding a multitude of privilege controls. This includs least-privilege access on infrastructure that runs business-critical applications, just-in-time access for operations that don’t require credentials with 24/7 access permissions, local admin removal on endpoints to prevent privilege escalation, and standing access removal across third-party vendors.

Organisations are also advised to use risk management-based considerations when evaluating asset sensitivity. Security teams cannot tackle every threat simultaneously, therefore a risk-based approach is crucial for propelling forward better decisions and outcomes. However, only 47% of security professionals currently implement this strategy.

With nearly all respondents fearing AI-enabled attacks this year, and more than half of them associating identity compromises with digital transformation initiatives, there is a growing concern that the rapid expansion of human and machine identities will increase the attack surface for cybercriminals.

By focusing on identity-based, zero-trust security strategies and fostering greater cooperation with trusted cybersecurity vendors, organisations can navigate the evolving cybersecurity landscape. This will require a concerted effort to invest in cybersecurity measures, focus on educating employees about the potential risks, and foster a comprehensive, risk-based approach to securing assets.

Hungry for more tech news?

Sign up for your weekly tech briefings!