Football clubs like Manchester City encounter many of their problems on the pitch, such as losses and injuries to players. You would never think cybersecurity would be at the top of their risk list.
Manchester City’s long term cybersecurity partner, Acronis, is tasked with detecting, mitigating and eliminating any potential threats on a daily basis. But AI is changing the game; changing the game in a way that is being used on both sides of the cybersecurity front lines.
Payment Expert recently attended the Acronis TRU Security Day at the Etihad Stadium, where the existential threat of AI loomed over the mind of Acronis President Gaidar Magdanurov.
“There are two problems with AI,” said Magdanurov as he leaned over a desk inside a meeting room at the Etihad Stadium. “One is it allows you to automate and scale. If you know what you’re doing, AI can help you to do amazing things, but it is used by all types of attackers.
“In the past, if you were to deploy ransomware, 80-90% was happening through email. To trick somebody, you would have to work on it, like collecting intelligence, creating good templates, and sending them emails to understand where the receiver is going to read them. But now, you can do a lot of that with AI.”
The rise of AI cybersecurity attacks
The pace at which AI has become a mainstream of every-day life is startling; OpenAI released ChatGPT to the world at the end of 2022. Competitor large language models, chatbots and other AI business use cases have since dominated the headlines, with no-code options affording even the least skilled professional access to the world of AI.
And as with all opportunities, comes challenges. The tools being used by businesses to innovate and streamline processes, are also being used by criminals to develop sophisticated malware softwares that attack vectors at all angles.
In its H2 2024 report, Acronis highlighted the surge of AI-related cybersecurity crime. Financial services were one of the most targeted industries when it came to attacks facilitated by AI.
Within the report, Acronis highlights an example of a ransomware attack that affected 726,000 Patelco Credit Union customers, as well as a cybersecurity breach at Evolve Bank & Trust which impacted more than 7.6 million of its customers.
“Now with AI, they can scale this. They scan all of your social networks, all the public information available, and then tailor the message to attack you. That becomes a huge issue.”
But the most prevalent attack financial and payment services face today are phishing attacks, when a cyber criminal intends to trick its intended target by revealing sensitive information to that user. Phishing attacks are one of the leading cybersecurity attacks on businesses in the UK, with government statistics finding fraudulent emails make up 84% of attacks to UK businesses from 2023-2024.
Why is this becoming an increasingly more prevalent issue within the financial services industry? Magdanurov explains.
“One of the techniques that attackers use now is (…) you get a lot of spam emails that look really bad. But then out of the hundreds of emails, suddenly you get one that is polished, looks very nice and your brain is already trained that spam and phishing are bad. But (criminals) actually do this often on purpose, so when you get a really well written email, you will think it is sufficient.
“Now with AI, they can scale this. They scan all of your social networks, all the public information available, and then tailor the message to attack you. That becomes a huge issue.”
Ransomware-as-a-Service, sound familiar?
AI being deployed to streamline authentic looking fraudulent emails is just the tip of the iceberg, Magdanurov explained, noting the full scope of AI’s capabilities has not yet been realised.
In a similar fashion to embedded finance, cyber criminals are utilising the technology to scale ransomware softwares which embed within businesses’ entire networks; AI has the capabilities to perform this without any manual processing.
While the fintech and payment industry has lauded the capabilities of embedded finance, such as software-as-a-service (SaaS) or acquiring-as-a-service (AaaS), ransomware-as-a-service (RaaS) has slowly been developing within the shadows.
“Imagine you have the ability to advance phish, and then at the same time, you have the ability to discover vulnerabilities at scale,” said Magdanurov, who went on to detail the scalability of this new method of AI cyberattacks.
“So instead of humans using a bunch of scripts trying to find gaps in your security, you have AI scanning this. There are lots of AI-based scanners which are going to build and use testing apps, and they do millions of different operations without your involvement at all.”
Cyber criminals have found a more seamless approach to committing cyber attacks, one that does not require much of their own doing. Magdanurov emphasised that this can be achieved “on any kind of software, you can modify using AI”.
He explained further: “It is like a step-by-step guide on how to run ransomware, and they have ransomware-as-a-service, which you can download, deploy and then get a percentage of that ransom.
“It is not only the software that encrypts, but there are some people who will be processing payments, teaching you how to buy bitcoin for example, and those three components of this major issue is how AI scales cyber attacks and now everybody can be attacked at any moment.”
What may only exacerbate fears among financial institutions of this developing RaaS threat is the lack of AI trained IT professionals equipped to mitigate attacks in real-time, which Magdanurov highlighted.
In a similar vein to cybersecurity attacks, AI-related fraud – like deepfakes – are also an emerging threat to businesses.
According to Signicat’s 2024 ‘The Battle Against AI-driven Identity Fraud’ report, 74% of fraud decision-makers agreed AI will be accountable for almost all identity fraud in the future. More worrying was Signicat’s conclusion that companies are unprepared for the upcoming threat, citing lack of industry talent and infrastructure capabilities.
Fighting fire with fire
As Magdanurov began to lean back from the desk, there was a feeling of both concern and opportunity to fight on a new front. AI is not just affecting the financial services sector, but the sporting, film, music and a plethora of other industries that are dealing with a technology in real-time that is constantly expanding each day.
For cybersecurity companies like Acronis, they are tasked with this fight daily. Their solution – fight fire with fire. Use AI.
“At Acronius, we have what we call a native integrated platform, where we have security and data protection together,” he explained.
“It acts as a single agent, console and protection plan. The reason this is important is because it becomes more reliable due to the fact that whomever works with it, they don’t have to maintain multiple agents or multiple other packages. They don’t have to learn differently, so they may be making fewer mistakes, and are able to spend more time on what’s important.”
While cybersecurity has risen the ranks in terms of risks businesses face, the economic environment of the past few years has seen many organisations take their foot off the pedal – choosing to focus on scaling and growth, instead of shoring up their defences.
“Our goal is the way we see it; it’s not only about giving the tool, but also providing the education.”
Whilst AI has undoubtedly broadened the attack surface for cyber criminals, the technology is also being used to single-handedly eliminate the manual burden that comes with fighting cyber crime.
Acronis does not just detect and mitigate an attack before it can cause damage., Its President explained a key focus for the organisation is to work with its partners to provide anti-fraud or cybersecurity teams with the necessary tools and education to learn why the attack happened, and how it can be resolved for future practice.
Magdanurov said: “That’s what we do with our partners when we partner with any sports club or any type of customers, we have a Managed Services Provider partner that is helping us to protect the infrastructure.
“We provide the platform, they provide a service, and we offer the solution that helps to increase productivity of the technical employees so they can address more issues.
“Our goal is the way we see it; it’s not only about giving the tool, but also providing the education and support to the technicians so that they can improve over time.”
Payment and financial companies have had to battle with industry-changing developments for decades, whether that be the introduction of the internet, the rise of social media, and now with AI.
The harsh reality is that cyber crime is not going anywhere, nor will it subside with the advantageous benefits AI now provides to criminals.
What Magdanurov and Acronis are attempting to remedy however is the need for education; the prevalence, real-time risks associated with AI-backed cybersecurity, along with integrating the necessary tools ready for the next-generation of cyber attacks.
