Microsoft's latest research reveals a concerning trend: extortion and ransomware now drive over half of all cyberattacks with known motives, dwarfing espionage-focused attacks. The annual digital threats report highlights the increasing role of AI in these attacks, enabling cybercriminals to develop malware faster and create convincing synthetic content for phishing and ransomware campaigns. This necessitates a shift towards modern, AI-powered security measures and stronger collaboration between industries and governments.
Both attackers and defenders are leveraging AI. Attackers are automating phishing, scaling social engineering, creating fake media, identifying vulnerabilities quicker, and developing adaptable malware. Conversely, AI aids defenders in spotting threats, filling detection gaps, preventing phishing attempts, and safeguarding vulnerable users. Securing AI tools and training teams is now a crucial priority for organisations given these quickly evolving risks and opportunities.
A staggering 97% of identity attacks are password-related, with a 32% surge in such attacks in the first half of 2025. Attackers commonly obtain usernames and passwords from credential leaks and infostealer malware. Fortunately, implementing phishing-resistant multi-factor authentication (MFA) can effectively block over 99% of these attacks, even if attackers possess the correct credentials.
The report also highlights the persistent threat posed by nation-state actors like Russia, China, Iran, and North Korea, who are increasingly using AI for online deception and cyberattacks. Critical public services are often targeted due to limited budgets and outdated software, making them vulnerable to ransomware attacks. Microsoft stresses that cybersecurity is not just a technical matter but a governance imperative, requiring governments to establish frameworks that impose credible consequences for malicious cyber activity. The United States remains the most targeted country, with many companies still using outdated cyber defences.
Artículos relacionados de LaRebelión:
- API vs SDK Key Differences Explained
- Microsoft Xbox sigue comprometido con el hardware
- Microsoft Oculta Flujo de Datos Clave a Usuarios
- MalTerminal GPT-4 crea Ransomware y elude defensas
- GPT-4 Crea Malware Ransomware y Reverse Shell
Artículo generado mediante LaRebelionBOT
No hay comentarios:
Publicar un comentario