{"id":14991,"date":"2025-10-21T12:08:32","date_gmt":"2025-10-21T12:08:32","guid":{"rendered":"https:\/\/newestek.com\/?p=14991"},"modified":"2025-10-21T12:08:32","modified_gmt":"2025-10-21T12:08:32","slug":"ai-enabled-ransomware-attacks-cisos-top-security-concern-with-good-reason","status":"publish","type":"post","link":"https:\/\/newestek.com\/?p=14991","title":{"rendered":"AI-enabled ransomware attacks: CISO\u2019s top security concern \u2014 with good reason"},"content":{"rendered":"
\n
\n
\n
\n
\n
\n
<\/div>\n<\/section>\n

As ransomware attacks accelerate in speed and sophistication, 38% of security leaders rank AI-enabled ransomware as their top concern \u2014 the most frequently cited worry about AI-related security issues according to CSO\u2019s new 2025 Security Priorities study.<\/p>\n

That concern appears to already be well founded, as a second study released today, CrowdStrike\u2019s 2025 State of Ransomware Survey<\/a>, provides a snapshot of how the ransomware threat is evolving, revealing cybersecurity pros\u2019 fears surrounding the use of AI in ransomware attack chains, as well as the need to for CISOs to build better \u2014 and more intelligent \u2014\u00a0defenses to match AI-powered attackers.<\/p>\n

\u201cFrom malware development to social engineering, adversaries are weaponizing AI to accelerate every stage of attacks, collapsing the defender\u2019s window of response,\u201d Elia Zaitsev, CTO at CrowdStrike, said<\/a> in announcing the survey\u2019s findings. \u201cThe 2025 State of Ransomware Survey reinforces that legacy defenses can\u2019t match the speed or sophistication of AI-driven attacks. Time is the currency of modern cyber defense \u2014 and in today\u2019s AI-driven threat landscape, every second counts.\u201d<\/p>\n

Where ransomware stands today<\/h2>\n

CrowdStrike surveyed 1,100 IT and cybersecurity decision-makers across Australia, France, Germany, India, Singapore, United Kingdom, and United States to ask how they assess their ransomware readiness and navigate the evolving ransomware landscape, including the emergence of AI-enhanced threats.<\/p>\n

The following are the top takeaways from CrowdStrike\u2019s report:<\/p>\n

Most organizations get hit with ransomware and some suffer from overconfidence:<\/strong> Of the organizations surveyed, 78% reported experiencing a ransomware attack within the past year. Of those, half believed they were \u201cvery well prepared\u201d for ransomware, but fewer than a quarter recovered from an attack within 24 hours. These statistics bear out what CrowdStrike calls the \u201cconfidence illusion,\u201d a disparity between the expectation and reality of the organization\u2019s ability to recover from an attack quickly.<\/p>\n

Ransomware payments are no safety nets<\/strong>: According to the CrowdStrike survey, 83% of paying victims were attacked again, and 93% had data stolen anyway, with backups proving unreliable. Nearly 4 in 10 respondents said they were unable to restore the data they lost fully.<\/p>\n

Phishing is the most common attack vector<\/strong>: Phishing<\/a> was cited by 45% of ransomware victim respondents as the initial point of compromise. Other frequently cited entry points include vulnerability exploits<\/a> (40%), supply chain compromise<\/a> (35%), compromised credentials<\/a> (33%), malicious downloads (32%), misuse of remote monitoring and management<\/a> (RMM) tools (31%), and insider threats (27%).<\/p>\n

Ransomware attacks are costly:<\/strong> According to the survey results, organizations reported an average downtime cost of US$1.7 million per incident, but also incurred significant non-quantifiable costs. Among these were reputational damage, which affected 34% of victim organizations; legal and regulatory penalties, which impacted 24% of organizations; and publicly released or stolen data affected 24% of victims.<\/p>\n

Post-attack improvements help but are often inadequate: <\/strong>CrowdStrike\u2019s survey results indicated that just about half (51%) of organizations increased general cybersecurity investment following attacks, and 47% improved detection and monitoring capabilities. Nearly half of the respondents (45%) said they enhanced training and awareness programs. But, only 38% addressed the specific issue they identified as enabling the attack.<\/p>\n

Gen AI-enabled phishing is a top concern:<\/strong> 82% of the organizations surveyed believe generative AI makes phishing emails more challenging to identify, even for well-trained employees. Most organizations (87%) consider AI-generated social engineering tactics more convincing than traditional methods.<\/p>\n

Legacy defenses fall behind AI tools:<\/strong> CrowdStrike\u2019s research suggest that AI-powered threat detection tools are eclipsing the standard threat intelligence techniques. AI-powered threat detection leads adoption at 53% among surveyed organizations, followed by automated incident response at 51% and AI-enhanced phishing detection at 48%. Most security teams (85%) acknowledge traditional detection methods are not keeping pace with modern threats.<\/p>\n

Ransomware\u2019s AI-powered future<\/h2>\n

Although CrowdStrike\u2019s latest survey doesn\u2019t provide a full picture of AI\u2019s use by ransomware gangs, the fact that generative AI is proving highly effective in crafting phishing emails that lead to ransomware infections shows the tip of the iceberg CISOs face.<\/p>\n

CrowdStrike Field CTO Cristian Rodriguez tells CSO, \u201cWe\u2019re seeing AI touch every stage of the ransomware attack chain and it starts with phishing. Still the No. 1 entry point, AI-powered phishing campaigns are tricking employees into opening the door to corporate networks. The next wave will be even more deceptive, as AI-generated deepfakes emerge as a major driver of future ransomware attacks.\u201d<\/p>\n

According to Rodriguez, the ability to use AI to create malware<\/a> is also rapidly evolving. \u201cWe\u2019re increasingly seeing ransomware-as-a-service providers leverage AI-developed malware to deploy and disrupt systems,\u201d he says. \u201cSo, AI is pervasive across the ransomware threat lifecycle \u2014 and it\u2019s only accelerating.\u201d<\/p>\n

In the AI era, speed is the new battleground. Attackers move from intrusion to encryption in minutes, not hours. \u201cThe data really reinforces that speed is the biggest challenge,\u201d Rodriguez says. \u201cRansomware has always been a race to contain and neutralize, but AI has taken it to another level \u2014 attackers are moving from intrusion to encryption in minutes, not hours. The pace of today\u2019s adversaries is what makes speed in modern security so important.\u201d<\/p>\n

Analysis from managed detection and response firm Huntress earlier this year showed the average \u201ctime to ransom\u201d \u2014 from initial access to extortion \u2014\u00a0to be 17 hours<\/a>, with some groups narrowing that window to 4 to 6 hours. But that was eight months ago in a rapidly advancing field.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

As ransomware attacks accelerate in speed and sophistication, 38% of security leaders rank AI-enabled ransomware as their top concern \u2014 the most frequently cited worry about AI-related security issues according to CSO\u2019s new 2025 Security Priorities study. That concern appears to already be well founded, as a second study released today, CrowdStrike\u2019s 2025 State of Ransomware Survey, provides a snapshot of how the ransomware threat… <\/p>\n

Read More<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14991","post","type-post","status-publish","format-standard","hentry","category-uncategorized","is-cat-link-borders-light is-cat-link-rounded"],"_links":{"self":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14991"}],"version-history":[{"count":0,"href":"https:\/\/newestek.com\/index.php?rest_route=\/wp\/v2\/posts\/14991\/revisions"}],"wp:attachment":[{"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14991"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14991"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newestek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}