AI-generated cyber attacks pose new threat to key UK infrastructure, experts warn

AI-generated cyber attacks are posing a fresh threat to the UK’s key infrastructure, including energy and phone networks, experts have warned.

Hackers are seeking to capitalise on the new technologies that can be used to create “lures” and phishing e-mails — where an attacker pretends to be a reputable entity or person — in an attempt to breach IT networks.

The warning comes afterThe Independent revealed that the UK is at risk of a massive security breach that could see bank account details and national insurance numbers leaked because of the government’s failure to upgrade Whitehall’s ageing computer system.

“Public and private sector organisations are becoming more digitised and this is creating more opportunities for cyberattackers looking for vulnerabilities,” Martin Borrett, technical director of IBM Security’s UK and Ireland arm, told The Independent.

“Our research shows the use of security tools infused with AI can reduce the lifecycle of a data breach by over 100 days,” he added.

“But attackers are using AI too, and we may see capabilities like generative AI being used to create ever more convincing fraudulent emails and texts, for example.”

The lifecycle of a data breach refers to the time taken from identifying the breach to containing it and finally resolving it.

Christopher Budd, director of threat research at cybersecurity firm Sophos, said the use of AI by hackers was at an early stage but likely to become more sophisticated as the technology develops because it is easier and cheaper than using humans.

Hackers and scammers are using AI “to more or less reduce their overhead and simplify certain processes,” he added. “However, for the time being, there are still humans behind the scams.”

Generative AI is capable of generating text, images or other media, using generative models. It learns the patterns and structure of its input training data and then generates new data that has similar characteristics.

The UK has faced a growing threat from cyberattacks amid Russia’s invasion of Ukraine, with one expert recently describing the frequency of attacks against the country as “relentless”.

Russian hackers were earlier this year suspected of being behind the leak of sensitive UK military and defence material on the dark web.

Thousands of pages of data that could help criminals access information about the HMNB Clyde nuclear submarine base, the Porton Down chemical weapon lab and a GCHQ listening post, were leaked on the dark web.

Information about high-security prisons and a military site key to our cyber defences was also reportedly stolen in the raid by group LockBit.

In May, Britain’s National Cyber Security Centre (NCSC), a government agency, issued updated guidance to organisations due to the “heightened cyber threat”.

The NCSC, which is part of the UK’s intelligence and security agency, GCHQ, urged operators of critical national infrastructure, including energy and telecommunications networks, to prevent state Chinese state-sponsored hackers from hiding on their systems.

It sounded the alarm after a Chinese hacking group, known as Volt Typhoon, targeted a US military outpost in the Pacific Ocean. Iran has also been accused of carrying out attacks on the UK.

A government report on cybersecurity breaches, published in April, found that 32 per cent of businesses and 24 per cent of charities reported breaches over the previous 12 months, rising to 69 per cent among large firms.

The report did not include public sector organisations, although these are also targetted by hackers, most commonly for the purposes of extortion, analysts say.

Firms in the finance, insurance, information, communications, administration and real estate sectors are more likely to suffer attacks than those in other sectors. All organisations should take action to improve their cyber security, the government said.

Royal Mail was hit by a cyberattack in January. The attackers, linked to Russia, demanded £60 million, which the postal service refused to pay.

In June, The Independent revealed that details of more than one million NHS patients were compromised in a ransomware attack on the University of Manchester. Among the details potentially exposed were NHS numbers and the first three letters of patients’ postcodes.

Other public sector organisations and key infrastructure, such as the National Grid, are also frequently targeted. National Grid, which oversees gas and electricity networks in England and Wales, recently said it intercepted 700,000 potentially malicious e-mails in just a 24-hour period.

A NCSC spokesperson said: “While artificial intelligence has great potential to benefit our economy and society, we know emerging technologies might also be exploited by those seeking to do harm.

“It is vital organisations ensure they have robust security measures in place to defend against all common cyber attacks and understand the novel and enabling risks that AI poses.”

A government spokesperson said: “We are protecting the UK from cyber threats, and cracking down on hostile activity and those who perpetrate it.

“Last year, in response to a public consultation and as part of our £2.6bn National Cyber Strategy, we set out detailed plans to strengthen our cyber security legislation and improve the cyber resilience of our essential and digital services.”