One step ahead

How AI-powered phishing scams are altering the cyber landscape

Phishing scams powered by artificial intelligence (AI) are increasing in frequency and sophistication, challenging insurers to stay ahead of threat actors, says a cyber insurance specialist.

“The AI-driven threat is transforming the cyber landscape,” says Lynda David, senior underwriter of technology and cyber with Sovereign Insurance. “It’s increasing and they’re getting more targeted.”

Phishing involves sending emails or other messages that appear to be from legitimate sources to try to get people to reveal personal information such as passwords or credit card numbers.

Many security reports now say a high percentage of phishing emails are AI-generated. David observes these phishing scams are becoming increasingly refined, with fewer grammatical errors, and the use of real names, roles and scenarios.

“Based on the noticeable increase in both frequency and sophistication of social engineering incidents, it is reasonable to infer that threat actors are leveraging AI tools to enhance the effectiveness of their campaigns,” she says.

It’s not always specified in a claims report whether AI played a role in a phishing attempt. For insurers, the challenge is keeping ahead of the trend so that they can use AI more effectively than cybercriminals.

“As underwriters, we can help combat AI-driven attacks by ensuring our insureds implement employee awareness training and phishing simulations that reflect the evolving sophistication of these threats,” David adds. “Aside from multifactor authentication, it’s one of the easiest controls that we can implement, but it’s probably one of the most effective to combat against AI-powered scams.”

Underwriters must be strict about requiring insureds to implement employee training and phishing tests, she says.

“If I see that the insured is proactive about that, it’s a checkmark in my book,” David says. “The cyber industry has the power to reduce risk by demanding those stricter controls…[and] I think that’s the key to combatting AI threats.”

AI is a powerful tool but represents a double-edged sword. It strengthens insurers’ ability to defend, detect and respond to attacks but is also used by attackers to craft more intelligent scams to trick people.

Another trend in the cyber liability space is the increased frequency and severity of ransomware claims, where cyber attackers take control of a computer system until a ransom is paid.

“Business interruption coverage is crucial because operations come to a halt, and it’s important to bring the insured back to where they were just prior to the cyber event,” David says.

She says the largest number of claims are generated by subscription offerings known as ‘ransomware as a service’ that supply pre-written attack software. “And that makes it easier than before, because they don’t have to be so sophisticated or experts in this space. Anybody can get those ready-made kits from ransomware-as-a-service providers.”

She’s also seeing increasingly higher Bitcoin ransom requests each year. The severity, or size of attack, is ticking up as well, and stemming from software vulnerabilities, David reports.

“It’s very important underwriters ask for patching cadences and how often critical vulnerabilities are patched,” she says, adding that the best-case scenario is within 24 hours. “As long as you’re asking that question, and then they’re aware these critical vulnerabilities have to be patched, we can decrease those ransomware attacks.”