Advances in artificial intelligence (AI) have seen the rapid evolution of cyber threats
Two decades after the first Cybersecurity Awareness Month, the frequency and severity of cyber-attacks have reached unprecedented levels.
Today, people and businesses effectively exist online, transacting and communicating in the digital realm. Staying constantly aware and vigilant against cyber threats is vital.
In addition to safeguarding against increasingly sophisticated cyber threats with modern and effective protection technologies, Australian businesses, governments and individuals must continue to raise the awareness of current cyber threats and adopt best practices to protect against them. For businesses, this can mean educating both employees and customers on how to spot suspicious digital events and artifacts, such as social engineering attempts and scams. Organisations should also continue to invest heavily in embedding cyber security into the working culture and strategic vision.
“Cyber threats tend to target the weakest link in the chain, which is often an individual user”
Reuben Koh, Director of Security Technology & Strategy, APJ at Akamai Technologies
According to a June 2023 report by the Australian Bureau of Statistics cyber security incidents doubled between 2019-20 and 2021-22. The Australian Signals Directorate’s Australian Cyber Security Centre – Annual Cyber Threat Report, July 2021 to June 2023, also states that cybercrime has a significant impact on organisations of all sizes; in 2021–22 the average loss per report across businesses increased 14 per cent compared to 2020–21. During the 2021–22 financial year, over 76,000 cybercrime reports were made via ReportCyber.
New cybersecurity threats on the rise
Advances in artificial intelligence (AI) have seen the rapid evolution of cyber threats. Cybercriminals are using AI to develop much more sophisticated and automated attack strategies. AI-powered cyberattacks also have the potential to adapt in real-time as they learn how a targeted organisation’s cyber defences work, making them particularly challenging to detect and defend against. In response, cybersecurity experts are also leveraging AI in defence, primarily to identify, automate and mitigate threats before and as soon as they occur.
Generative AI (GenAI), a subset of AI, has made phishing and email scams look more authentic and dangerous. Instead of obvious clues like grammar mistakes, automatic translation and errors, AI-generated phishing emails allow impeccable grammar and vocabulary to be used, making them much harder to distinguish from legitimate communication. Another issue is users using GenAI tools to process potentially sensitive information such as source code or confidential internal documents, where the AI may use it as training materials.
A related attack method seeing a sharp rise is Vishing or Voice Phishing. GenAI can be used to mimic the voices of specific individuals or even generate entirely synthetic voices that sound convincingly human. Victims believe they’re interacting with a trusted entity, such as their bank or a government agency, and are tricked into providing sensitive personal information or financial details. AI can even be used to imitate the voice of a co-worker or family member, greatly increasing the level of risk of scams. Similar to how voice activated AI assistants work, a person’s voice could potentially be cloned by recording a few spoken sentences from the said victim.
Defence strategies against cyber attacks
While tools and technology are critical for defending against cyber-crime, they are not a silver bullet. Educating users on cyber risks must continue to play an integral part and be a shared responsibility among organisations, businesses and consumers. Private companies must continuously update their awareness campaigns to remain effective, while the public sector needs to intervene with new or updated regulations and standards when necessary to safeguard citizens.
Cyber threats tend to target the weakest link in the chain, which is often an individual user. The mitigation of human error can come from implementing security awareness training for employees thereby arming staff with the knowledge to make better decisions.
Organisations should also consider adopting a Zero Trust strategy, which assumes that every user, whether internal or remote, is a potential threat. For example, instead of connecting a remote user to a corporate network via a traditional VPN, it leverages a reverse proxy technology, commonly known as Zero Trust Network Access to grant remote users access to only the specific applications that are necessary to carry out their roles.
Another effective strategy for achieving cyber resilience is Zero Trust Segmentation, also known as Microsegmentation. It involves isolating and containing breaches within an organisation, limiting damage and allowing for recovery while under attack. Instead of relying on network-based controls that are coarse and often cumbersome to manage, microsegmentation separates security controls from the underlying infrastructure, offering much more granularity and flexibility.
This is often essential as organisations transition to the cloud, with new deployment options like containers that make traditional perimeter security less relevant. Securing the cloud involves a range of practices, policies and controls. It needs to protect not only data but also application workloads running in the cloud and the users who interact with them. As security is usually a shared responsibility between the cloud provider and the customer in today’s multi-cloud world, it is imperative that organisations clearly understand their overall security posture.
The need for collaboration against cyber crime
Collaboration between public and private sectors is paramount to countering cyber threats effectively. Cybercriminals themselves frequently collaborate to run more effective and profitable attacks. The cybersecurity industry needs to do likewise, with not only research and standard setting but also practical actions.
