Gen AI fuelled 2023 cyberattacks, evolution pushed remediation costs: report

Cyberattacks became more targeted, sophisticated, and severe in 2023 as attackers pivoted to leverage generative AI, according to a Barracuda report.

Evolved attacks called for greater remediation time and resources, spiking average annual remediation costs for the year.

“The purpose of this research is to understand the economic consequences when a hacker decides to target an organization,” said Larry Ponemon, chairman and founder of Ponemon Institute, the research firm that conducted the survey for the report. “To get an international perspective, a total of 1,917 IT security practitioners were surveyed in organizations with a headcount of between 100 to 5,000.”

The countries included in the survey are the US, the UK, France, Germany, and Australia.

Attacks evolved using emerging technologies

From the 57% of respondents who admitted to experiencing one or more cyberattacks in the past 12 months, most said the cyberattacks they experienced were more sophisticated (62%), severe (55%), and targeted (52%) than before.

“Increased focus on going digital, faster pace of technology innovation, distributed or hybrid systems, increased sophistication of cyberattacks and lack of awareness on cybersecurity are adding up to an increased number of cyberattacks,” said IDC Vice President Sharath Srinivasamurthy.

Denial of service (52%), Phishing/social engineering (48%), and Credential theft (41%) were the most experienced types of attacks for the year, sometimes also including a combination of all three.

Half of the respondents believed an advanced technology like GenAI reduces the hack time considerably and said the technology could tremendously increase the number of hacks launched in a single day. Also, only 39% of respondents believed their security infrastructure is adequately equipped to protect against Gen AI-powered automated security attacks.

“Survey respondents seem to downplay the role of GenAI in benefiting hackers,” said Michael Sampson, an analyst at Osterman Research. “Only 50% indicated it would help by increasing the number of attacks that could be launched in a single day. This feels low. Almost all should have said yes to this.”

Forty-eight percent of respondents said they suffered some form of data breach from the attacks in the said period, leading to a loss of 340,267 individual records on average for an organization. The leading root causes for the breaches were Viruses or other malware (49%) and third-party mistakes (45%).

Advanced attacks pushed remediation costs

Owing to evolving hacker tactics, the average annual costs for responding to incidents went up for the year. The costs associated with IT damage, technical support, forensics, and customer service operations averaged at $2.98 million.

An additional $2.36 million on average piled up in costs for disruption of normal operations, taking the total annual average cost to respond to compromises to $5.34 million.

“Both this report and IBM’s 2023 Cost of Data Breach report peg the cost of a cyber incident at or around the $5 million mark,” Sampson added. “Having multiple studies state similar numbers raises the urgency for organizations to ensure they don’t become a victim.”

While 71% of respondents said they experienced a ransomware attack in the said period, 61% actually paid the ransom. The average ransom amount paid for a ransomware attack was $1.38 million.

The reasons revealed in the survey for organizational unpreparedness for attacks included inadequate security budgets (55%), inconsistent enterprise-wide security policies (42%), lack of visibility on a third party with sensitive access (38%), poor network and applications visibility (37%), and supply chain security challenges (32%).

“The list of reasons why organizations feel unprepared could provide something of a roadmap towards improved security,” Sampson said. “Looking for ways to improve consistency in enterprise-wide security policies and programs would be a good place to start, along with visibility into the organization’s networks and applications.”


Go to Source