AI-Powered Cyberattacks Top Concern for Executives in 2024 The retail sector has also been heavily impacted. From April to September, Imperva Threat Research recorded an average of 569,884 AI-driven attacks daily targeting retail sites alone
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
For the third straight quarter, executives are deeply worried about the rising wave of cyberattacks powered by Artificial Intelligence (AI), with 80 per cent of senior leaders stating that AI-enhanced malicious attacks are the top risk facing their businesses.
A recent survey by Gartner highlights that along with AI-enhanced attacks, other emerging threats were also flagged, including AI-assisted misinformation (a concern for 66 per cent of executives), growing political polarization, and misaligned talent within organizations.
"We think that this difficulty presents a chance for businesses to implement safer and more responsible AI systems. Rapid advances in AI offer previously unheard-of advantages, but they also bring with them difficulties that call for careful handling," shared Ankush Sabharwal, founder and CEO, CoRover.
Cybercriminals have found creative ways to exploit AI to their advantage. They're using AI to craft sophisticated malware, write convincing phishing emails, and even breach secure systems. For instance, in June, a malware campaign intercepted by HP showed signs of having been written with help from generative AI tools, like ChatGPT. The script was neatly structured with each command clearly commented—an unnecessary level of detail if done manually by humans but typical of AI-generated code.
Further findings reveal the growing use of AI in business email compromise (BEC) attacks. Security firm VIPRE reported that AI-generated emails accounted for 40 per cent of all BEC attacks in the second quarter of 2024—a 20 per cent increase over the same period in 2023—executives, HR, and IT staff were the primary targets. "Hackers are now leveraging sophisticated AI algorithms to craft compelling phishing emails," noted Usman Choudhary, Chief Product and Technology Officer at VIPRE.
The retail sector has also been heavily impacted. From April to September, Imperva Threat Research recorded an average of 569,884 AI-driven attacks daily targeting retail sites alone. Hackers are using advanced tools, including generative AI models like Claude and Gemini, as well as custom bots, to scrape data and launch distributed denial-of-service (DDoS) attacks (hacker overload a site or a system with traffic which ultimately crash the system). These tools are also used to exploit business logic—the rules that govern how businesses operate, which can disrupt operations and cause financial losses.
The ethical side
AI isn't just a tool for hackers; ethical hackers and cybersecurity experts are also using AI to identify and fix vulnerabilities in systems. According to BugCrowd, the number of ethical hackers using generative AI jumped from 64 per cent to 77 per cent in the past year. They're finding that AI helps in complex tasks, such as parallel attacks on multiple devices (a type of coordinated cyberattack to overwhelm the target's defenses by executing multiple attacks at once) and fault-injection attacks (hackers introduce errors or faults into a system to disrupt normal operations or gain unauthorized access to sensitive data). Yet, the same tools that help "good guys" protect systems are also helping criminals breach them, underscoring the double-edged sword of AI.
While sharing what measures could protect from cyberthreats, Rohit Jha, Chief Technology Officer ArthAlpha said, "In asset management, the rise of AI-enhanced cyber threats brings significant risk, as attackers exploit sensitive data and critical financial systems. However, AI and deep learning also play a pivotal role in defending against these threats. Leveraging machine learning models for real-time anomaly detection, automated response systems, and predictive analytics can help preempt attacks by recognizing suspicious patterns and weak points," he said.
Further he shared that proactive measures like vendor assessments and resilience testing, advanced AI-driven defenses are essential to counter sophisticated intrusions and uphold operational security and client trust.
