News
Dan Lattimer, Vice President, Semperis on NCSC impact of AI on cyber security report – Jan 2024
January 2024 by Daniel Lattimer, Vice President, Semperis
The near-term impact of AI on the cyber threat assessment, published by NCSC surmises correctly that threat actors have upped their game and are using Artificial Intelligence (AI) to carry out malicious cyberattacks across Europe, regularly impacting business operations and disrupting critical services in the healthcare industry that impact the ability of hospitals to treat patients. What concerns me the most is how AI is lowering the barrier of entry into the cybercrime world for low-brow hackers who would otherwise lack the skills to conduct attacks.
Semperis’ is seeing firsthand how ransomware is impacting global organisations as our incident responders have been on the front lines helping organisations that were attacked through vulnerabilities threat actors discovered in their identity systems, most notably Active Directory. Recently, Semperis sprung into action after several hospitals were taken offline due to ransomware attacks. We assessed the severity of the attacks, isolated the risk, and helped the hospitals restore critical services in a matter of hours.
I want to reassure organisations that they can improve their operational resiliency greatly and make it difficult for threat actors to compromise their critical systems. To that end, organisations should consider conducting security awareness training, adopting around-the-clock threat hunting, monitoring for unauthorised changes occurring in their Active Directory environment which threat actors use in most attacks - and having real-time visibility to changes to elevated network accounts and groups.
Stopping destructive attacks requires a change in the behaviour of organisations trying nobly to protect themselves. Collectively, as an industry we need to constantly uplevel the cyber discussion, bring it to the boardroom. Invest more in people and best practices. Security is a sport played, not watched.
