Cybercriminals use AI to make malware less detectable
Cybercriminals are using AI-created malware that is adept at avoiding detection by traditional antivirus models, according to the latest report from Acronis.
The report also finds email attacks and ransomware cases have exploded relative to last year. Acronis-monitored endpoints are picking up valuable data about how cybercriminals operate and how some attacks have become more intelligent, sophisticated, and difficult to detect.
"The volume of threats in 2023 has surged relative to last year, a sign that criminals are scaling and enhancing how they compromise systems and execute attacks," says Candid Wüest, Acronis VP of research. "To address the dynamic threat landscape, organizations need agile, comprehensive, unified security solutions that provide the necessary visibility to understand attacks, simplify context, and provide efficient remediation of any threat, whether it may be malware, system vulnerability, and everything in between."
Phishing is still the primary method criminals use to unearth login credentials. In the first half of 2023 alone, the report shows number of email-based phishing attacks has surged 464 percent compared to 2022. Over the same frame, there has also been a 24 percent increase in attacks per organization. In the first half of 2023, Acronis observed a 15 percent increase in the number of files and URLs per scanned email. Cybercriminals have also tapped into the burgeoning large language model (LLM)-based AI market, using platforms to create, automate, scale, and improve new attacks through active learning.
Among other findings there were 809 publicly mentioned ransomware cases in the first quarter of 2023, with a 62 percent spike in March over the monthly average of 270 cases. Over the same period 30.3 percent of all received emails were spam and 1.3 percent contained malware or phishing links.
Phishing remains the most popular way of stealing credentials, making up 73 percent of all attacks. Business email compromises (BECs) are second, at 15 percent.
The full Acronis Mid-Year Cyberthreats Report 2023 is available from the company’s site.