The UK National Cyber Security Centre (NCSC) has issued an assessment looking at how it expects AI to ‘impact the efficacy of cyber operations and the implications for the cyber threat over the next two years’.
Key points from the assessment include:
- AI will almost certainly increase the volume and heighten the impact of cyber attacks over the next two years. However, the impact on the cyber threat will be uneven.
- The threat through to 2025 comes from evolution and enhancement of existing tactics, techniques and procedures.
- All types of cyber threat actor – state and non-state, skilled and less skilled – are already using AI, to varying degrees.
- AI provides capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient, and harder to detect.
- More sophisticated uses of AI in cyber operations are highly likely to be restricted to threat actors with access to quality training data, significant expertise (in both AI and cyber), and resources. More advanced uses are unlikely to be realised before 2025.
- AI will almost certainly make cyber attacks against the UK more impactful because threat actors will be able to analyse exfiltrated data faster and more effectively, and use it to train AI models.
- AI lowers the barrier for novice cyber criminals, hackers-for-hire and hacktivists to carry out effective access and information gathering operations. This enhanced access will likely contribute to the global ransomware threat over the next two years.
- Moving towards 2025 and beyond, commoditisation of AI-enabled capability in criminal and commercial markets will almost certainly make improved capability available to cyber crime and state actors.