Cyber Criminals Are Getting Faster–and Generative AI Could Make Their Work Easier

Small businesses can’t afford to be caught off guard by a cyberattack.

Cyberattacks are increasingly common–and they’re picking up speed. That’s scary news for small businesses. The average cost of recovering from a data breach is more than $4 million, according to IBM, and many small businesses don’t survive the financial and reputational hit that follows a cyberattack.

There’s been an uptick in interactive intrusions, in which an unauthorized user imitates a user or administrator, accesses a computer system, and begins moving around the network, according to CrowdStrike’s 2024 Global Threat Report, released on Wednesday. The average time it took to carry out such an attack dropped to 62 minutes in 2023 from 84 minutes in 2022, according to the Austin-based cybersecurity firm. In one case documented last year, it took just two minutes seven seconds for a hacker to enter and begin moving around a company’s systems.

A criminal might, for example, trick an employee into giving up their password or purchase stolen credentials to access an account. Once inside, the attacker might look for VPN login information, use that information to remotely access a company’s network, and then look through documents stored on a cloud service such as SharePoint for proprietary information or customer data.

“For years, many SMBs maintained a false sense of security due to the relative obscurity of their business,” says Daniel Bernard, CrowdStrike’s chief business officer. Business owners may assume hackers would prefer to target a large hospital chain, for example, rather than a small doctor’s office.

“[Small businesses] do have exactly what hackers are after: data.” Attackers can also use stolen credentials or data from small businesses to access bank accounts or bigger businesses within that company’s supply chain. Although tech, telecommunications, and finance companies were the most common sectors targeted, attacks occurred across all industries including retail, manufacturing, and health care.

So far, it’s been hard to assess how much generative artificial intelligence–systems that can write code or create realistic images, text, and video–is being used to carry out cyberattacks, but CrowdStrike predicts that the technology will make cybercriminals’ work easier. It may, for instance, help bad actors develop tools for hacking and making materials such as emails to trick people into giving up credentials more realistic.

Although ransomware attacks, in which a criminal blocks access to a company’s data or systems and demands money to restore it, are the most common form of attack, CrowdStrike also sees an increase in data extortion schemes, in which criminals threaten to leak private or proprietary data.

Despite the growing threats, CrowdStrike competitor Palo Alto Networks said in a Tuesday earnings call that it expected sales to soften, as buyers appeared to be questioning the value of cybersecurity services. The news sent cybersecurity company stocks, including Nasdaq-traded CrowdStrike, sliding on Wednesday.

Whether or not you invest in a dedicated cybersecurity service that can detect intrusions or irregular activity on your network, here are some ways to stay protected.

Protect Your Credentials

Many attacks start with a social engineering attack, in which an employee is tricked into giving up their password or other login information. That can happen if someone impersonates a company IT employee or if a hacker directs an employee to a realistic-looking log-in page and that employee enters their account information.

Campbell, California-based cybersecurity firm Barracuda estimates that employees at small businesses experience 350 percent more social engineering attempts than employees at larger businesses.

Make sure your employees know what to look out for. Several online sources, including the University of California, Berkeley, offer free videos on how to spot phishing or social engineering scams. LinkedIn offers a course that covers this topic and many others.

Use Multifactor Authentication

Cybercriminals are increasingly purchasing stolen credentials as the first step in an attack. Adding a second layer of verification can help. Apps that generate a unique security code or USB security keys are considered safer than having a code sent to a cell phone, which can be compromised in a SIM-swapping scheme.

Stay Up-to-Date

Hackers often exploit software vulnerabilities, or small flaws in the code that weaken its security. When a new vulnerability is discovered, companies rush out updates to patch that vulnerability. It’s a fairly straightforward process to keep apps on a phone or software on a computer up-to-date, particularly if you have automatic updates turned on.

But at some point, companies stop creating updates for older versions of software, leaving them unprotected if new vulnerabilities are found. San Francisco-based cyber insurance provider Coalition recently found that more than 100,000 businesses were running databases using outdated versions of Microsoft SQL Server.

Old hardware, so-called end-of-life devices that no longer receive security updates from the manufacturer, can be particularly hard to spot. While it’s simple to turn on software updates for a phone or computer, it’s less obvious when something like a wifi router or a tablet has become obsolete. “If your device doesn’t support automatic updates or is out of support and won’t get any future updates, it’s time to upgrade,” says Bernard.

We specialize in High-performance Human Behavior training

Working on the humans that grow your business | High-performance Human Behavior training | I teach corporations & employees how to hack into humans using Behavior & Persuasion. I work with Pharma | Finances| Banking |Insurance| Sales| AI – Language & Behavior Economics