Cyber terrorists are weaponizing artificial intelligence to create new computer viruses capable of disrupting networks within seconds, The Sunday Telegraph has learned.
The only defense against a new generation of cyber attacks being launched by China, Russia, Iran and North Korea is a form of collective defence, where anonymized data is shared between Western governments and private companies, the head of a cyber security company has said only warning. .
Linda Zecher, head of cyber security firm IronNet, said hackers recruited by states hostile to the West were launching sophisticated attacks every day with the intention of stealing and disrupting networks.
The government of Ukraine is one of the main targets of Russian hackers, while Iranian cyber gangs are targeting the Gulf State of Bahrain daily.
British companies were attacked every 39 seconds in 2023, mostly by Russian and Chinese hackers, in an offense that cost the UK economy an estimated £27 billion that year alone.
Mr Zecher said that just as security companies were using AI to protect their clients, state-sponsored cyber-terrorists were using the new technology to attack them.
She added that the best defense against attacks is a form of collective defense where organizations share information about the type of attack and what the hackers are trying to steal or disrupt.
IronNet has contracts with British companies and the US navy, and is set to begin working with the Ukrainian government to help protect the country from relentless Kremlin-orchestrated cyber attacks.
The company has developed a new approach to security by anonymously sharing data between its companies when attacked. The information is then quickly shared across all IronNet clients, who can prepare for the incoming threat.
In an interview with the Sunday Telegraph and National Security News, Mr Zecher said: “Cyberattacks can shut down entire infrastructures. Bad actors, such as Russia, China, Iran and North Korea, can now penetrate networks.
“It’s no longer the case that bad actors are getting into individual computers and stealing someone’s data. These days, your computer is simply connected to your office and home electronics so that a small-scale attack can shut down your computer and your home.”
On a larger scale, a sophisticated attack can disrupt an entire organization.
IronNet, founded by one of the top US spies, General Keith Alexander, former head of the National Security Agency, places sensors in the computer networks of companies they work with. The sensors allow their analysis teams to work out what is being targeted and by whom.
‘We know where attacks are coming from’
Miss Zecher added: “We know where these attacks are coming from – we can pinpoint the exact location.
“So the best way to protect against these bad actors is through mutual protection, which is like a form of insurance against cyber attacks. Collective defense allows you to say if this is happening to entity A, a government department or a private institution, entity B can share that information and defend against that attack.
“It is a community that collects intelligence from hostile states. The bigger the community, the better the protection, and that’s what IronNet is building. We know that if bad actors hit one utility, they’ll hit others, and if they target one bank then they’re going to attack multiple banks.
“Within governments, senior officials or government infrastructure can be targets. By sharing that information, you are much better able to protect yourself.”
There are up to 2,200 cyber attacks taking place every day – a figure that equates to around one every 39 seconds. Defense companies, government departments and banks are high-profile targets for Russia and China.
Cyber attacks threaten Ukraine every day and while most fail, some succeed. In January, Ukraine revealed that three government organizations had been hit by a large-scale cyber attack.
Kyiv said the state-run energy company Naftogaz had been attacked and Ukraine’s national postal service Ukrposhta also reported a “significant technical failure” in its IT systems.
In 2023, MI5 warned that China’s cyber attacks had reached an “epic scale”.
Ken McCallum, director general of MI5, said: “We’ve seen an ongoing campaign on a pretty epic scale.
“If you’re working on the cutting edge of technology today, geopolitics is of interest to you, even if you’re not interested in geopolitics.”
Despite this, only one per cent of British businesses have a formal cyber security incident management plan in place, indicating that many businesses are inadequately prepared for the threat of cybercrime.