First, it was the image of the Pope cutting a suave figure in a Balenciaga puffer jacket. Then, a conversation on twitch between US President Joe Biden, Donald Trump and Barack Obama. What started with eliciting a few chuckles with deepfakes soon moved into dangerous territory closer home. Recently, in separate incidents, actors Rashmika Mandanna, Katrina Kaif and Sara Sachin Tendulkar were at the receiving end of manipulated images and videos.   

Earlier this year, a 73-year-old man in Kerala became the country's first target of a deep fake fraud after receiving a call from an imposter posing as his ex-colleague, urgently requesting financial assistance. The fraudster employed deepfake technology to craft a video call convincingly replicating the facial features and voice of the victim's former colleague.  

Concerned by these growing instances of AI-manipulated content spreading like wildfire, officials from the IT Ministry met with several top social media companies on 23 November. They decided to develop fresh regulations on deepfakes.

Calling deepfakes "a threat to democracy", IT Minister Ashwini Vaishnaw said, "The use of social media is ensuring that deepfakes can spread significantly more rapidly without any checks and they can get viral within minutes of uploading." 

As policymakers move to set responsibility of companies in this rapidly evolving world of AI, companies are scrambling to deploy measures which can safeguard their business and users. A lot depends on them building capacity to counter the threats using the right methods.

Preparing For The AI Onslaught  

Over the past several months, AI has emerged as a double-edged sword. While it enables organisations to strengthen their security infrastructure, it also equips hackers to employ more sophisticated, automated, and targeted attacks.  

"Deepfakes are another dark side to AI that hackers are leveraging. Deepfake technology creates convincing imitations of human activities such as speaking, writing, video or audio calling, and more. This way, hackers can be masked as authoritative figures and demand sensitive information, such as credentials, from the right person," says Shibu Paul, vice president for international sales at Array Networks. 

GenAI has given hackers a more potent arsenal for their nefarious activities. For instance, they can use it to create phishing emails personalised to the target victim, making them more susceptible to falling for the scam. These emails are also less likely to be considered spam by email verification tools, making them harder to detect. 

Moreover, hackers are using AI to develop malware that is more difficult to detect. This malware can steal data, spy on victims, or take control of their computers. AI can be leveraged to create more sophisticated and evasive malware than traditional malware.

Check Point has predicted that 2024 will see the rise of AI-directed cyberattacks as more threat actors adopt AI to accelerate and expand every aspect of their toolkit. The company claimed whether that is for more cost-efficient rapid development of new malware and ransomware variants or using deepfake technologies to take phishing and impersonation attacks to the next level.

The Tata Group-owned Indian Hotel Company Ltd experienced a security breach yesterday, resulting in the exposure of data belonging to more than 1.5 million customers. According to a report by the Economic Times, an unidentified threat actor using by the name ‘Dnacookies’ issued a ransom demand of $5,000 for the dataset from 2014 to 2020, which contains extensive personal details of customers associated with the hospitality chain, including their addresses, membership IDs and mobile numbers.

Several Blows With The Same Strike

Ransomware stands out as a severe cyber threat capable of tarnishing a company's image and imposing substantial financial burdens. In the contemporary landscape, ransomware attacks exhibit heightened levels of sophistication and personalisation.  

Hackers have evolved their tactics, incorporating double or triple extortion methods. This entails introducing supplementary layers of attack beyond the ransomware encryption, adding to the complexity and severity of these cyber incidents. 

KnowBe4's 'The Economic Impact of Cyber Attacks on Municipalities' report revealed that 1.7 million ransomware attacks occurred daily in 2022 globally. This roughly translates to 19 ransomware attacks every second. Cybersecurity Ventures further predicted that by 2031, this window of attacks on businesses, consumers or devices will narrow to 2 seconds. 

"Our reliance on AI for cybersecurity is undeniable, but as AI evolves so will the strategies of our adversaries. In the coming year, we must innovate faster than the threats we face to stay one step ahead. Let's harness the full potential of AI for cybersecurity, with a keen eye on responsible and ethical use," added Sergey Shykevich, Threat Intelligence group manager at Check Point Software Technologies, in a statement.

Defence Against AI Attacks 

Microsoft has noted a shift in ransomware tactics, with hackers remotely encrypting data, leaving minimal digital footprints. This is making things trickier for organisations since data remains their most valuable asset. Protecting it is essential in today's digital landscape, where hackers constantly exploit vulnerable systems. 

To stay ahead of hackers, Paul recommends that companies regularly test their security posture and implement solutions like security information and event management (SIEM) to identify threats proactively. These solutions provide them with relevant cyber threat intelligence and visual platforms that can be used to analyse the lateral movement of external threats that have breached internal systems. They can then use this information to improve the overall security posture in the organisation and mitigate future attacks.  

Another solution is the breach and attack simulation. This proactive step involves testing network and security infrastructure to identify loopholes and vulnerable assets proactively.  

As cybercriminals increasingly turn to extortion tactics, companies, including startups, must incorporate more robust AI capabilities into their cybersecurity measures to defend against such threats effectively. The reason is simple—AI-powered security solutions can detect threats faster and more accurately than manual systems. Moreover, it can also learn and adapt over time, enabling it to identify even the most sophisticated attack patterns. 

In addition to threat detection, Paul notes that AI can also be used to automate threat responses. AI-powered security solutions can block malicious traffic, quarantine suspicious files, and take other actions to mitigate threats before they can cause damage. 

No Other Choice 

While this doom and gloom descends on the threat landscape, economic uncertainties have prompted some companies to cut back on hiring and spending. However, industry experts do not expect this to extend to reductions in cybersecurity budgets because companies that cut back on cybersecurity costs risk for short-term savings and end up paying a high price in the long run.  

Not only does a cyber attack cause loss of confidential data, but it also disrupts business continuity, causing prolonged downtime and reputational loss which means companies don’t have the leisure to ignore cyber security needs.  

Furthermore, cyber attacks can have a ripple effect, damaging not only the directly attacked businesses but also their partners and customers. For instance, organisations that are part of complex supply chains with weak security can expose their vulnerabilities and put their partners' data and organisations at risk. 

Consulting firm Gartner noted that end-user spending on security and risk management in India is expected to total $3 billion in 2024, an increase of 13.6 per cent from 2023.  

"Other reasons for companies to prioritise cybersecurity amidst economic uncertainties are protection against potential data breaches, maintaining customer trust, enabling regulatory compliance, and ensuring long-term business continuity," Paul claims. "Finally, they should take a holistic approach to cybersecurity and invest in their people, processes, and technology."  

Better Safe Than To Succumb

Establishing and strengthening the organisation's security backbone enables it to protect itself from and mitigate threats and to comply with industry regulations. While regulations differ from industry to industry, they require companies to adhere to specific standards for collecting, storing, and managing data.  

For instance, the Payment Card Industry Data Security Standard (PCI DSS) mandates merchants to implement several security controls to protect credit card data, GDPR mandates protecting customers' personal data, and HIPPA applies data handling regulations to healthcare companies. Adhering to these regulations will avert any potential threats and financial and reputational repercussions. Companies can demonstrate compliance with PCI DSS and other relevant regulations by implementing these controls. 

Cybersecurity allocation largely depends on the organisation's industry, size, and specific requirements. With the continuation of remote and hybrid work, it remains essential to protect against growing threats of DDoS attacks, data breaches and ransomware by beefing up network security.  

This could include investing in firewalls, VPNs, intrusion detection and prevention systems (IDPS), and secure access service edge (SASE) solutions. It also encompasses security awareness training since human error remains a substantial factor in cyber threats. Such training sessions should be a mandatory ritual in mitigating social engineering-based attacks and companies should include security awareness training platforms, simulated phishing tools, and user behaviour analytics. 

While companies close their security ranks to ward off evolving cyber threats, sophisticated hacker groups will likely continue experimenting with AI to refine tried and actual attacks. This is why they need to keep their eyes open and their wits around them to mitigate the impact of these attacks.