Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCSC warns global ransomware threat expected to rise with AI

Security

NCSC warns global ransomware threat expected to rise with AI

In a new report published today, the National Cyber Security Centre (NCSC) has warned that over the next two years Artificial Intelligence (AI) is expected to increase the global ransomware threat.

Image courtesy NCSC / Anton Grabolle / Better Images of AI / AI Architecture / CC-BY 4.0

The near-term impact of AI on the cyber threat assessment, published by the National Cyber Security Centre (NCSC), a part of GCHQ, concludes that AI is already being used in malicious cyber activity and will almost certainly increase the volume and impact of cyber attacks – including ransomware – in the near term.

Advertisement
SPX Comms

Among other conclusions, the report suggests that by lowering the barrier of entry to novice cyber criminals, hackers-for-hire and hacktivists, AI enables relatively unskilled threat actors to carry out more effective access and information-gathering operations. This enhanced access, combined with the improved targeting of victims afforded by AI, will contribute to the global ransomware threat in the next two years.

Ransomware continues to be the most acute cyber threat facing UK organisations and businesses, with cyber criminals adapting their business models to gain efficiencies and maximise profits.

To tackle this enhanced threat, the Government has invested £2.6 billion under its Cyber Security Strategy to improve the UK’s resilience, with the NCSC and private industry already adopting AI’s use in enhancing cyber security resilience through improved threat detection and security-by-design.

The Bletchley Declaration, agreed at the UK-hosted AI Safety Summit at Bletchley Park in November, also announced a first-of-its-kind global effort to manage the risks of frontier AI and ensure its safe and responsible development. In the UK, the AI sector already employs 50,000 people and contributes £3.7 billion to the economy, with the government dedicated to ensuring the national economy and jobs market evolve with technology as set out under the Prime Minister’s five priorities.

NCSC CEO Lindy Cameron said: “We must ensure that we both harness AI technology for its vast potential and manage its risks – including its implications on the cyber threat.

“The emergent use of AI in cyber attacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term.

“As the NCSC does all it can to ensure AI systems are secure-by-design, we urge organisations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defences and boost their resilience to cyber attacks.”

Analysis from the NCA suggests that cyber criminals have already started to develop criminal Generative AI (GenAI) and to offer ‘GenAI-as-a-service’, making improved capability available to anyone willing to pay. Yet, as the NCSC’s new report makes clear, the effectiveness of GenAI models will be constrained by both the quantity and quality of data on which they are trained.

The growing commoditisation of AI-enabled capability mirrors warnings from a report jointly published by the two agencies in September 2023 which described the professionalising of the ransomware ecosystem and a shift towards the 'ransomware-as-a-service' model.

According to the NCA, it is unlikely that in 2024 another method of cyber crime will replace ransomware due to the financial rewards and its established business model.

James Babbage, Director General for Threats at the National Crime Agency, said: “Ransomware continues to be a national security threat. As this report shows, the threat is likely to increase in the coming years due to advancements in AI and the exploitation of this technology by cyber criminals.

Advertisement
SPX Comms

“AI services lower barriers to entry, increasing the number of cyber criminals and will boost their capability by improving the scale, speed and effectiveness of existing attack methods. Fraud and child sexual abuse are also particularly likely to be affected.

“The NCA will continue to protect the public and reduce the serious crime threat to the UK, including by targeting criminal use of GenAI and ensuring we adopt the technology ourselves where safe and effective.”

Effective preparation is central to preventing ransomware attacks. Implementing the NCSC’s advice, such as the simple protective measures outlined in its ransomware guidance, will help UK organisations to reduce their likelihood of being infected.

Most ransomware incidents typically result from cyber criminals exploiting poor cyber hygiene, rather than sophisticated attack techniques. The NCSC’s 10 Steps to Cyber Security and Top tips for staying secure online set out how organisations and individuals respectively can protect themselves in cyberspace.

The near-term impact of AI on the cyber threat report outlines further ways in which AI will impact the effectiveness of cyber operations and the cyber threat over the next two years – including social engineering and malware.

Tackling the challenges of securing future technology is a key priority area for the NCSC having published its Guidelines for Secure AI System Development in November with the endorsement of 17 other countries. CYBERUK 2024, taking place in Birmingham on 13th-15th May, will elaborate on these themes with its focus on 'Future Tech, Future Threat, Future Ready'. A full programme will be issued in the coming days.
 

 

 

Advertisement
TT Electronics LB TT Electronics LB
Adarga acquires J2X Solutions

Defence Security

Adarga acquires J2X Solutions

13 June 2024

London headquartered AI software specialist Adarga, today announced the acquisition of US strategic risk intelligence firm, J2X Solutions.

G3 Systems refurbs British Army’s TCDA

Defence Security

G3 Systems refurbs British Army’s TCDA

13 June 2024

G3 Systems has announced a rolling refurbishment programme, contracted by the UK MoD’s Defence Equipment and Support (DE&S) agency, to extend the working life of their operationally proven and highly acclaimed Tactical Containerised Dog Accommodation (TCDA) for use by 1st Military Working Dogs (MWD) Regiment, based at St Georges Barracks, North ...

Airports criticise Government over liquids restrictions announcement

Aerospace Security

Airports criticise Government over liquids restrictions announcement

13 June 2024

Over the weekend, the UK's Department for Transport (DfT) announced that from 00:01 on Sunday 9th June 2024, 100ml restrictions on liquids will temporarily be reintroduced at UK airports.

Base Materials boosts subsea buoyancy options

Defence Security

Base Materials boosts subsea buoyancy options

12 June 2024

Leicester headquartered Base Materials has launched a new buoyancy repair and refurbishment service providing remotely operated vehicle (ROV) owners and operators with a more sustainable alternative to purchasing new buoyancy modules.

Advertisement
SPX Comms
Kromek presenting D5 RIID at Eurosatory 2024

Defence Security Events

Kromek presenting D5 RIID at Eurosatory 2024

12 June 2024

Sedgefield based radiation and biological detection company Kromek, will focus on the latest evolution of its D5 RIID at Eurosatory next week (17th-21st June), which can now be mounted onto any unattended UGV platform.

Hughes Europe expands into defence and government sectors

Defence Security Space

Hughes Europe expands into defence and government sectors

12 June 2024

Hughes Europe has announced its strategic expansion into the military, defence and government sectors across pan-European nations, with launch of Konnect VHTS Services in collaboration with Telespazio.

Advertisement
ODU RT