Exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web today. In 2023, X-Force saw a 266% uptick in infostealing malware globally. Those malware are designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more.
Besides that, IBM X-Force predicts that once generative AI market dominance is established, it could trigger AI as an attack surface. Organisations should therefore secure their AI models before cybercriminals scale their activity. They must also take a holistic approach to cybersecurity as their existing underlying infrastructure is a gateway to their AI models and does not require novel tactics from attackers to target
“‘AI-engineered attacks’ are receiving more attention due to the rise of generative AI in the current landscape, but the biggest security threat in Asia Pacific remains known unpatched vulnerabilities. Additional focus should also be placed on the region’s critical infrastructure and key industries such as manufacturing, finance and insurance, and transportation, with stress tests and well-prepared incident response plans in place,” says Catherine Lian, general manager & technology leader of IBM ASEAN.
She continues: “The exploitation of user identity is becoming a preferred weapon of choice for global threat actors, raising the need for more effective user access control strategies in the region, and prompting us to promote a holistic approach to security in the age of generative AI.”
