Artificial Intelligence and wars trigger cyberattacks

“We are going to see more and more fraud related to deepfakes and generative AI. With artificial intelligence, cyberattacks grow and their sophistication increases, and cybersecurity costs will increase in both the business and public spheres.” With these words, Dorit Dor, technology director at Check Point Software Technologies, expressed herself in an interview broadcast during the recent Davos Economic Forum (Switzerland). Cybersecurity has once again been the focus of part of the conversations at this annual meeting, at a time when cyberattacks are growing around the world.

“In 2023 there has been a boom in attacks; it has been a very chaotic year, also due to conflicts (in fact, the Hamas attack is explained by a previous cyberattack that brought down Israel’s security systems, the so-called Iron Dome). The important thing about 2023 is that until this year crimes were committed against companies or against the administration. Now a red line has been crossed and attacks on critical structures such as hospitals are beginning to occur. An example is the attack suffered by Hospital Clínic in Barcelona; many patients could not be operated on and hundreds of pieces of private data appeared on the dark web. A report has been published suggesting that attacks in the health sector have increased by up to 78%. Now anything goes. We have also seen it with the attack on Air Europa. The company had to ask 100,000 customers to cancel their cards,” says Óscar Quero, director of the Cybersecurity Master at OBS Business School.

2023 numbers

At a global level it is estimated that “there are between 90 and 100 million cyberattacks a year. In Spain, according to our data, in 2021 there were 109,000 incidents, in 2022 these increased by 10% to reach 118,000, and the forecast is that in 2023 they will have increased. Regarding the types of crimes, in a third of them what they are looking for is money, through extortion for data recovery or through sales on the dark web. Phishing or impersonation falls into this category, but malware, which is malicious software, also accounts for between 20 and 25% of crimes,” explains Marcos Gómez Hidalgo, deputy director of the Security Incident Response Center of the National Cybersecurity Institute (INCIBE, a center that works with the private sector and citizens).

A quick look at Google is enough to realize that hacks involving identity theft, data theft, scams and fraud are the order of the day. Microsoft started the year with an attack by Russian hackers who accessed corporate emails, some of them belonging to cybersecurity personnel. In 2023 there were cases of all kinds, such as the British Library, which lost public access to all its digital holdings. In Spain, “many town halls have been attacked; perhaps the most notorious case has been that of Seville. Also intrusions in ministries, the theft of information from the Pet Registry, the media, and companies,” says Rafael Palacios, head of Telecommunications Engineering studies at ICAI and of the Master in Cybersecurity at the Universidad Pontificia Comillas.

GPT Fraud

AI has come to complicate things even more, and some already believe that the number of hackers will increase. Since the appearance of tools like ChatGPT, mentions of the use of generative AI for dark purposes have skyrocketed on the dark web (as seen in the graph). Generative AI is capable of writing malicious code and becoming the silent companion of any hacker. In fact, the popular text-generation tool now has a perverse twin: FraudGPT, capable of creating fake but very convincing emails or web pages for phishing (that is, to obtain data through deception). Another generative AI application is WormGPT, which is also used to create phishing emails in a simple way. These tools can also be used to create malware, that is, software that causes infections and failures on devices, or to help create fraudulent documents, invoices or payment requests.

Taking this into account, it is not surprising that Forbes magazine indicates that enterprise cybersecurity costs will rise from $8 billion to $10.5 billion by 2025. “Cybersecurity already represents 12% of IT budgets.”

Activism and social engineering

The experts consulted agree on several reasons why cyberattacks increase every year. The first is simple: the greater the number of devices, the greater the vulnerability. In the business field alone, according to Forbes, “the number of devices on corporate networks is growing exponentially and is expected to reach 27 billion in 2025.”

The same publication states that if cybercrime were a country, it would already be the third largest economy in the world, surpassed by the United States and China. Another reason why cybercrime increases is economic: information is monetized by selling it on the dark web, or money is demanded after sabotaging networks. However, as OBS professor Óscar Quero points out, paying a ransom does not always ensure that damage is avoided or that criminals do not also sell the data. There is also a type of ransom that is especially profitable and has to do with so-called “zero-day vulnerabilities”, those weaknesses of systems, devices or networks that have not yet been detected by the manufacturer. For example, when a new mobile phone is released on the market, there may be a security flaw that was not detected in testing. That is why it is called zero-day, because it is not covered by the manufacturer. For these cases, there are even groups of researchers and ethical hackers who are dedicated to detecting these problems and helping companies correct them before they fall into the wrong hands.

With the increase in armed conflicts (it is considered that we are in the historical moment with the most open conflicts since the Second World War), hacking related to political activism is also growing (this becomes the other big trend in cybersecurity for the next 10 years, along with AI). Hackers opt, in this case, for hybrid attacks focused on stopping services and creating banking or transportation chaos, in addition to obtaining money. A final cause is the lack of qualified technicians. “70% of respondents said their organizations are understaffed, leading to slower patching of critical systems,” noted a report posted on the Davos website last year.

Is it possible to protect yourself?

In addition to phishing and malware, the use of social engineering is increasingly common. “The human being is social. If you get a person’s trust you start to get free information. It is a problem that also occurs in companies. If you receive an email from Human Resources that seems real and it asks people to fill out information, there is a percentage that will do so. This is avoided with training and ethical hacking, for example by hiring a phishing person to see who falls for it. Social engineering provokes a lot of urgency. What they want is for you not to think and to act; they create alarms like ‘your account has been stolen’, but we know that a bank is never going to send you an SMS. We must be aware that we do not have to give away our information or data. There are people who call you to get certain words, and with your voice they can commit a crime of identity theft,” says Quero of OBS. Another key to action is given to us by Rafael Palacios of Comillas: “We citizens must protect ourselves by applying updates to our computers and mobile phones. For example, iPhone released iOS version 17.3 a few days ago; how many users have already installed it? The second point is to have backup copies.”

The most dangerous hacker groups

NoName057, of Russian origin, has been one of the most active groups in 2023. Among the most notable attacks attributed to them is the one suffered by the Spanish Ministry of the Interior during election day.

REvil, also Russian, has focused since 2019 on encrypting files and information and hacking systems, and then demanding a ransom. They are accused of having stolen blueprints for Apple products before their launch, data from Lady Gaga and information from the US military.

DarkSide, specialized in ransomware attacks, carried out the attack on the Colonial network in 2021 and left the United States unable to supply up to 31% of gasoline to cars and planes. They define themselves as apolitical and say they have an ethical code that prevents them from attacking hospitals, universities, etc. In addition, they make donations with what they raise.

Lazarus, from North Korea. They have been linked to the famous WannaCry attack. The case, which occurred in 2017, has been considered the largest computer attack in the world. It infected more than 230,000 computers in 180 countries. It is estimated that the fraudsters earned about $100,000 from more than 300 transactions, but caused losses of more than €100 million, according to Deloitte.