A new report from cybersecurity firm Keeper Security has revealed that IT leaders are struggling to keep up with new forms of threat vectors from emerging technologies.
Survey respondents cite AI-powered attacks as the most serious emerging attack vector and the most challenging to handle.
Cybercriminals are becoming increasingly sophisticated, breaking historically secure solutions and inflicting damage on vulnerable organizations across every sector, the report said.
Ninety-two percent of respondents reveal they’ve seen an increase in cyberattacks year-over-year. As cybersecurity incidents become more frequent, 95% of IT leaders say that cyberattacks are also more sophisticated than ever – and they are unprepared for this new wave of threat vectors.
IT leaders share the emerging attack vectors they’re witnessing first-hand at their organizations:
- AI-powered attacks (51%)
- Deepfake technology and supply chain attacks – both 36%
- Cloud jacking – 35%
- Internet of Things (IoT) Attacks and 5G network exploits – both 34%
- Fileless attacks – 24%
IT leaders report they are ill-equipped to defeat those emerging techniques, lacking defense for:
- AI-powered attacks – 35%
- Deepfake technology – 30%
- 5G network exploits – 29%
- Cloud jacking – 25%
- Fileless attacks – 23%
The report said that even as they prepare to overcome emerging attack techniques, IT security leaders must face the problems of today: 73% of respondents report experiencing a cyberattack that resulted in monetary loss.
Direct financial impact is one of many consequences of a successful cyberattack, along with business disruption, enduring revenue loss, customer and partner attrition, and tarnished reputation.
“Malicious actors are wreaking havoc on vulnerable organizations in novel ways, leveraging emerging technology to execute devastating cyberattacks,” said Darren Guccione, CEO and co-founder of Keeper Security.
“Fighting evolving threats requires constant adaptation, underscoring the need for a proactive approach to cybersecurity – one that combines advanced defense mechanisms and basic best practices to identify evolving threats and defeat a cyberattack.”
While novel threats cast a looming shadow, IT leaders are stretched thin as they combat today’s most common threat vectors, with the following types of attacks directly impacting their organizations:
- Phishing – 61%
- Malware – 59%
- Ransomware – 49%
- Password attacks – 38%
The explosion in AI tools has intensified problems like phishing attacks by increasing the believability of scams and enabling cybercriminals to deploy them at scale.
Eighty-four percent of respondents said that phishing and smishing have become more difficult to detect with the rise in popularity of AI-powered tools, and revealed that AI-powered phishing is their top concern (42%) when it comes to AI security. In addition to phishing, malicious actors weaponize AI to speed up and scale other common attack techniques, such as password cracking.
Among the multitude of cyberattacks increasing in frequency, survey respondents cite:
- Phishing – 51%
- Malware – 49%
- Ransomware – 44%
- Password attacks – 31%
Stolen or weak passwords and credentials remain a leading cause of breaches. Fifty-two percent of survey respondents shared that their company’s IT team struggles with frequently stolen passwords, underscoring the importance of creating and safely storing strong, unique passwords for every account.
As emerging technology intensifies existing attack vectors and creates new threats, the stakes are higher than ever for IT and security leaders, the report said.
“Despite the ever-evolving threat landscape, the fundamental rules of protecting an organization in the digital age remain relevant. Integrating solutions that prevent the most prevalent cyberattacks, including password and privileged access management (PAM) solutions, creates a layered security approach that stands the test of time now and in the future,” the study said.
