Backblaze warns of AI-assisted cyber threats – Blocks and Files

/in


Humans are often the weakest link in a corporate network and the entry point for ransomware attackers, a factoid that underscores the necessity for persistent vigilance against this growing cyber threat.

A stark reminder of this was today presented by cloud storage provider Backblaze in its 2023 Complete Guide to Ransomware report. The latest edition of this annual report states:

“This year’s most important update has been the rise of generative AI for increasingly sophisticated, automated phishing attempts… Text generated by models like ChatGPT help cybercriminals create very personalized messages that are more likely to have the desired effect of getting a target to click a malicious link or download a malicious payload.”

A ransomware-infected PC

Traditionally, phishing messages were relatively easy to identify, often featuring spelling errors, grammatical mistakes, and awkwardly constructed sentences. With the aid of software like ChatGPT, however, “criminals can enter a prompt to quickly receive error-free, well-written, and convincing copy that can be immediately used to target victims.”

The report provides a comprehensive review of ransomware’s prevalence, attack vectors, the sequence of events during an attack, and the necessary steps for responding to an attack. It stops short of suggesting foolproof methods to prevent attacks from breaching IT infrastructure, as no solution that is 100 percent reliable exists.

The best measures involve proactive steps: ensuring robust IT user education and having an efficient recovery system in place to restore encrypted files from uncorrupted backups. If sensitive data has been exfiltrated, however, the options are limited.

Ransomware diagram
B&F diagram

Malware attack vectors can be either human or machine-mediated, each designed to deliver malware into IT systems, encrypting files or copying them for transmission to attacker HQ. Victims someimes pay a ransom, often in cryptocurrency, to decrypt their files or prevent widespread distribution.

The caveat, of course, is that dealing with cybercriminals doesn’t guarantee a successful outcome even after paying a ransom. Backblaze’s report warns: “Paying the ransom only…

Source…