NCSC – The near-term impact of AI on the cyber threat

The report highlights the near-term impact of artificial intelligence (AI) on cyber threats. It states that AI will increase the volume and effectiveness of cyber attacks in the next two years. However, this impact will not be even across all cyber threats. The main threat until 2025 comes from the evolution and enhancement of existing tactics, techniques, and procedures in cyber attacks. Both state and non-state actors, regardless of their level of expertise, are already using AI to some extent in their cyber activities. AI particularly improves the reconnaissance and social engineering capabilities of these actors, making their attacks more efficient, effective, and difficult to detect. However, advanced use of AI in cyber operations will likely be limited to threat actors with access to quality training data, significant expertise in both AI and cyber activities, and sufficient resources. It is unlikely that these advanced uses will be fully realized before 2025. The use of AI in cyber attacks against the UK is expected to have a significant impact. Threat actors will be able to analyze exfiltrated data more quickly and effectively and use it to train AI models, making their attacks more impactful. Furthermore, AI lowers the barrier for entry for novice cyber criminals, hackers-for-hire, and hacktivists to carry out access and information gathering operations. This enhanced access is expected to contribute to the global ransomware threat in the next two years. Looking towards the future, the commoditization of AI-enabled capabilities in criminal and commercial markets will likely provide cybercrime and state actors with improved AI capabilities.