Cybercriminals betting big on AI to launch attacks
As we step into 2024, cybercriminals are turning to generative artificial intelligence (AI) to mount attacks on businesses, a trend that is making cyber incidents the biggest headache for companies and organizations across the world.
According to the Allianz Risk Barometer these incidents, which manifest as ransomware attacks, data breaches, and IT disruptions have emerged as the formidable adversaries for firms in the digital era.
Allianz Risk Barometer shows cyber incidents are the top concern among corporate heads across 17 countries including Kenya, Nigeria, Uganda, Kenya, Mauritius, Germany, India, Japan, the UK, and the USA.
Shortage of professionals
"Cyber criminals are exploring ways to use new technologies such as generative artificial intelligence (AI) to automate and accelerate attacks, creating more effective malware and phishing,” explains Scott Sayce, Global Head of Cyber, Allianz Commercial
“The growing number of incidents caused by poor cyber security, in mobile devices in particular, a shortage of millions of cyber security professionals, and the threat facing smaller companies because of their reliance on IT outsourcing are also expected to drive cyber activity in 2024," adds Scott Sayce.
In the latest compilation of the top global business risks, the closely interlinked threat of business interruption claims the second spot. Notable risers in the barometer include natural catastrophes, climbing from number six to three year-on-year, fire and explosion ascending from number nine to six.
The survey shows political risks and violence making a significant jump from ten to position eight.
These rankings were derived from insights gathered from over 3,000 risk management professionals, shedding light on the dynamic landscape of global business risks.
In Africa and the Middle East, cyber incidents turned out as the most significant concern for businesses in 2023, climbing from the second position in the previous year. This trend highlights the urgent need for organizations to prioritize cybersecurity measures.
According to Thusang Mahlangu, CEO, Allianz Commercial South Africa, "The rise of cyber incidents as the primary concern for businesses in the region is a clear indication of the evolving threat landscape and the potential impact on businesses."
Read also: Escalating cybercrime in Kenya fuels calls for heightened data security
Flaws and vulnerabilities
Last year, Kenya experienced a record 860 million cyberattacks, marking the highest number to date, the Communications Authority (CA) said in an October update. The communications industry watchdog further added that Kenya witnessed an upsurge in the "frequency, sophistication, and scale" of cyber threats targeting the country's critical information infrastructure (CIIs) in 2023.
“Of these attacks, 79 percent were a result of cyber criminals exploiting flaws and vulnerabilities in organizations' internal controls, system procedures and information systems, which they used to gain unauthorized access to the computer systems,” CA said the statement.
According to the Allianz Barometer, large corporates, mid-sized enterprises, and smaller businesses alike are worried about cyber threats, business interruption, and natural catastrophes.
Nevertheless, a noticeable trend emerges as the resilience gap between large and smaller companies widens. The report highlights an increased risk awareness among larger organizations since the pandemic, leading to a proactive effort to enhance resilience.
Conversely, smaller businesses often grapple with limited time and resources, hindering their ability to identify and adequately prepare for a broader spectrum of risk scenarios.
Consequently, these businesses face prolonged recovery times when confronted with unexpected incidents, as outlined in the report.