AI is helping hackers make new malware faster and more complex than ever - and things may only get tougher


  • Palo Alto warns GenAI accelerates malware creation and complexity
  • AI reduces data exfiltration time from five hours to 72 minutes
  • Identity weaknesses and SaaS supply chains drive most intrusions, with ransomware shifting to data theft

The rise of Generative Artificial Intelligence (GenAI) is helping hackers make new malware faster and more complex than ever, experts have warned, arguing that things may only get tougher for the cybersecurity community.

In its annual Unit 42 Global Incident Response Report, researchers from Palo Alto laid out how AI has become a force multiplier for attackers, who can now exfiltrate data in just over an hour (72 minutes), whereas in the pre-AI era that took around five hours, meaning exfiltration is now roughly four times faster.

While the browser remains the “primary battleground”, where almost half (48%) of all incidents happen, attack complexity is increasing. In fact, almost nine in ten (87%) intrusions span multiple attack surfaces. In some cases, the number of attack surfaces is in double digits, and threats are rarely confined to a single environment. Attackers often coordinate across different endpoints, networks, cloud services, SaaS platforms, and identity systems.

Identity woes and supply chain attacks

Palo Alto also said that identity drives initial access. In nine out of ten incidents, identity weakness was a major factor, and with agentic identity management, the challenge is even more complex. Roughly two-thirds (65%) of initial access stems from social engineering while, in comparison, vulnerabilities take up less than a quarter (22%).

Third-party SaaS applications have also become a prime target. Supply chain attacks spiked by almost four times since 2022 and now make up almost a quarter (23%) of all attacks. Most of the time, the crooks hunt for OAuth tokens and API keys which allow them to move laterally, steal data, lock down systems, and deploy malware.

The report also points out what the industry has been warning about for some time now - ransomware operators are pivoting away from encryptors and focusing solely on data extraction.

“From the attacker’s perspective, it’s faster, quieter, and creates immediate pressure without the signals defenders once relied on to detect ransomware attacks,” Palo Alto concluded.


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.