Threat actors aren’t attacking generative AI (GenAI) at scale yet, but these AI security threats are coming. That prediction comes from the 2024 X-Force Threat Intelligence Index. Here’s a review of the threat intelligence types underpinning that report.

Cyber criminals are shifting focus

Increased chatter in illicit markets and dark web forums is a sign of interest. X-Force hasn’t seen any AI-engineered campaigns yet. However, cyber criminals are actively exploring the topic. In 2023, X-Force found the terms “AI” and “GPT” mentioned in more than 800,000 posts on dark web forums and illicit markets. That high level of activity provides an accurate gauge of interest. These attacks may not be happening now, but this interest indicates groundwork and planning phases.

The consolidation of the AI market will mark a turning point

Threat actors run criminal enterprises like businesses. Before investing in plans and infrastructure, they want assurances of ROI. Today, there are too many GenAI tools and platforms spread across too many companies. X-Force believes that once the market matures to the point where a single technology holds a 50% market share, or three or fewer technologies corner the market, cyber criminals will launch attacks. To achieve ROI, GenAI needs to be ubiquitous across enterprises worldwide. Without ubiquity, attacks cost too much time and money. When the market narrows, GenAI attacks will start in earnest.

Past is prologue

Previous threats had similar life cycles. X-Force believes market consolidation and maturity play a role. X-Force has assessed tech disruption and threat maturity for over a decade. This year’s index offers three compelling examples that show the effect the 50% market share milestone has on cyber threat cycles. The first example is Windows Server market dominance, which triggered the development of point-of-sale (POS) malware and human-operated ransomware attacks that relied on Active Directory. Next, business email compromise (BEC) scams moved to the forefront when Microsoft 365 approached a 50% market share. Finally, Infrastructure-as-a-Service (IaaS) consolidation drove crypto mining malware exploits. These examples are covered in depth in the full report, which is worth a read.

AI adoption will outpace security measures

As the threat index report notes, “the rush to adopt GenAI is currently outpacing the industry’s ability to understand the security risks these new capabilities will introduce.” This outpacing is common with new technology because tech adoption tends to be more freewheeling and experimental in early phases, with less oversight and regulation within a company. Plus, the newer the tech, the less aware companies are of potential vulnerabilities and what it would take to secure against them. It’s often in the aftermath of attacks that security holes become obvious.

AI security threats are coming. How can you prepare?

Better security in the AI era is a widely recognized need as AI security threats proliferate. Even though GenAI attacks aren’t happening at scale yet, the time is fast approaching. Put an incident response plan in place. Or, if you already have an IR plan, expand it to include specifics related to AI attacks. Those specifics might include tracking and defending against known vulnerabilities, adding response team members familiar with AI and increasing data protections for your AI models and data sets. You need a plan customized to your business, but the goals should be to reduce your response time, remediate the damage and recover from the attack. Include practice sessions and drills to prepare your response team for when these attacks happen.

X-Force also recommends that you establish secured AI business models that recognize that AI security is broader than AI itself. The IBM Framework for Securing Generative AI is one model. This framework includes securing training data, AI models and the infrastructure that supports both. A key benefit of AI is being able to offload operational business tasks. AI governance provides operational guardrails to ensure your AI model doesn’t stray from its original design purpose and acts as expected.

The IBM X-Force Threat Intelligence Index 2024 provides insights and recommendations for how to address the most immediate threats your business faces and the future threats you can plan for now. Download the report so you can prepare now for the GenAI security threats to come.
