AI, Cloud attacks and data leaks: what 2023 has taught us

A few weeks ago, we told you about the latest cybersecurity trends noted by security reports. Among the latest round of studies published recently, three other trends are particularly concerning to us.

1. Use of AI to mount attacks

Cybercriminals are now employing artificial intelligence (AI) to carry out attacks. The group Indrik Spider, for example, allegedly used ChatGPT to make requests at the same time as they exfiltrated sensitive information from the Azure Key Vault.

They also consulted Google and Bing to determine how to navigate Azure Portal more efficiently and searched GitHub for methods to exfiltrate credentials.

This use of AI and other intelligence sources is proof of the increasingly sophisticated nature of attacks targeting Cloud infrastructures.


2. Data exfiltration is much faster

The speed at which cybercriminals are exfiltrating data has increased significantly. In 2021, the average time from asset compromise to data exfiltration was nine days. In 2023, this could be achieved in just two days. In 45% of cases, in fact, data was exfiltrated in under 24 hours, underlining how urgent it is that organisations act fast to fortify their defences.


3. Rise in internal data leaks

There has been a notable change in the sources of data leaks. In the 90s, attacks originated mainly from outside of organisations. Over the years, the number of outside attacks has continued to fall. Around 2010, for example, only 20% of data leaks came from an internal source. However, there seems to have been a backslide in 2023.

In fact, inside sources are now responsible for 35% of leaks. Worse still, in 70% of cases, these leaks were down to human error rather than malicious intent. This trend emphasises the importance of educating and training staff on cybersecurity within businesses.


What lessons can we learn for 2024?


Assailants are increasingly attacking the Cloud

Cybercriminals are increasingly interested in the assets distributed in the Cloud. The complexity and potential vulnerabilities of Cloud deployments are well understood by attackers. They are now using sophisticated and automated methods to carry out their attacks.


Attacks are happening faster than ever

The speed with which these attacks are happening is as impressive as it is alarming. Organisations must adopt automated and high-performance detection and response tools if they want to counter these threats.


The complexity of the digital solutions deployed leads to more internal errors

The complexity of the digital solutions deployed and their intensive integration are causing an increase in the risk of human errors, increasing cyber risk tenfold. It’s now more important than ever to continually educate and train staff on cybersecurity tools.


Sleep soundly with MCG

At MCG, we continually monitor these developments so that we can best advise our clients and help them strengthen their resilience to cyber threats, while supporting their growth and innovation.

AI, Cloud attacks and data leaks: what 2023 has taught us

Tell us about your needs

Let's assess your Cyber Security together

Thank you for your message, we’ll contact you very soon! Fill all fields Error when creating request. Please try again