AI technologies reshaping cyber threat landscape – report

More than two-thirds of Canadian executives consider cyber crime their most significant threat, according to a report by PwC Canada.

Furthermore, 11% of Canadian CEOs believe that their companies will face high or extreme exposure to cyber risks in the next 12 months, and 18% predicted high or extreme exposure to cyber risks within the next five years.

PwC Canada said these findings show a significant shift in the country’s cyber threat landscape over the past year, driven mounting geopolitical tensions, fluctuating economic conditions, and accelerated digitization after the pandemic.

As a result of this changing landscape, PwC said governments and businesses are grappling with enhancing their resilience, especially as threat actors harness artificial intelligence (AI) and other innovative technologies to bolster their attack strategies.

The report specifically pointed to several key cyber threats that have impacted Canadian organizations over the past year, including ransomware attacks, state-sponsored threat actors, supply chain disruptions, phishing attempts, and the exploitation of vulnerabilities in cloud computing and solutions.

It also outlined key trends that are expected to shape the Canadian threat environment in the coming year:

• Reshaping the cyber threat landscape with AI: The year 2022 witnessed significant developments in AI-powered cyberattacks. As generative AI platforms and solutions become mainstream, they may become targets for cybercriminals in 2023. According to PwC, organizations will need to adopt these platforms and technologies while implementing robust controls to safeguard their operations.
   
• Surge in ransomware sophistication: Ransomware is expected to remain a critical threat to Canadian organizations in 2023, with cybercriminals employing increasingly sophisticated strategies to disrupt businesses and demand larger ransoms.
   
• Persistence of data breaches, particularly third-party breaches: Similarly, data breaches are expected to continue being a significant threat to Canadian organizations, requiring businesses to assess the security risks associated with their supply chain partners and other external entities.
   
• Geopolitical tensions fueling cyber threats: Ongoing conflicts and tensions between nation states will heighten cyber risk levels and lead to a surge in cyberattacks, according to PwC. Both governments and private organizations operating in critical infrastructure and key industries could face elevated risks.
   
• Accelerated targeting of IoT and OT devices: Threat actors may also increasingly target Internet-of-Things (IoT) and operational technology (OT) devices, given their potential to disrupt business operations, public safety, and national security.

In light of these concerns, PwC’s Canadian cyber threat intelligence annual report urged organizations to prioritize the establishment of trusted partnerships with threat intelligence providers to access timely and actionable information about emerging threats.

“Even as threat actors look to use new technological innovations and AI to enhance their cyberattack capabilities, AI can be used to enable organizations to quickly detect and mitigate potential threats,” said Umang Handa, a partner at PwC Canada and the national cybersecurity managed services leader. “In 2023 and beyond, organizations will need to embrace a more holistic approach to cyber security to manage the complexity of the rapidly evolving cyber threat landscape.”

What are your thoughts on this story? Feel free to comment below.