- Three out of five companies have experienced Deepfake attacks recently, Gartner finds
- Audio and deep videos are becoming more accessible to attackers
- The immediate injection is also giving criminals access to confidential information of the company
Gartner says that even small businesses face an increase in cyber crime, and AI could be the fault, more than three fifths (62%) of organizations that report attacks promoted by AI in the last year.
The firm’s study found three out of five (62%, again) experienced deep defense attacks, with 44%experiencing deep audio attacks, which makes this the most common attack vector compared to deep videos (36%).
Immediate injection attacks were also observed against AI (32%) tools and attacks against the application infrastructure of business generative (29%), which show how AI is not used only to strengthen crime, but also serves as a useful vulnerability for many criminals.
Is AI causing more cybercrime?
“As adoption accelerates, attacks that take advantage of Genai for phishing, deep defects and social engineering have become the main current, while other threats, such as attacks on the application infrastructure of Genai and rapid manipulations, are emerging and winning traction,” explained Gartner VP analyst Akif Khan.
The report details how the rapid development of AI has seen that Deepfakes go from complex to snapshots, with the deep audio that are now generated in real time to make them very convincing and personalized.
Although the specific deep of the person in real time remain very expensive, only time is interposed between limited use and generalized use.
In the field, cybersecurity companies and analysts are seeing that deep are used as an initial attack vector, before the attackers return to simpler and more cheaper methods. For example, scammers sometimes pretend an CEO in a call before changing to social engineering methods.
When it comes to exploiting the artificial intelligence systems of the companies, the attackers are often observed to the systems that reveal confidential information or abuse integrations to execute the code giving malicious indications.
Looking towards the future, companies of all sizes, not only multinational companies, are being advised to increase their game, with the emerging trust zero approach as a firm favorite to block unjustified activity.
