In 2022, the United States witnessed a substantial increase in data breach incidents, totaling 1,802 cases, impacting over 422 million individuals. These breaches involve the illegal access, copying, and theft of sensitive and confidential data, affecting hardworking individuals, families, as well as businesses of all sizes.
While high-profile breaches like the recent attack on MGM Resorts International make headlines, small businesses remain primary targets for cyberattacks. The lack of robust cybersecurity defenses and insurance coverage leaves them vulnerable, with a single data breach costing small businesses an average of $200,000. Alarmingly, 60 percent of affected businesses close their doors within six months of such an attack.
In 2024, the cybersecurity landscape faces an even more significant threat, with anticipated damages exceeding $5 trillion due to targeted cyberattacks, many of which are now powered by artificial intelligence (A.I.). A.I. has transformed the technology landscape, enabling machines to mimic human intelligence, make decisions, process vast amounts of information, identify patterns, and adapt to new situations. Regrettably, this same technology is being harnessed by cybercriminals to launch more sophisticated attacks.
As we delve deeper into A.I. technology, small businesses are likely to encounter a surge in impersonation and phishing attacks, all driven by artificial intelligence. Hackers utilize A.I. to create convincing content that deceives business owners into revealing sensitive information, subsequently using it to extort hefty ransoms. The utilization of A.I. in phishing tactics has made cybercriminals more adept and perilous.
A.I. is increasingly employed to automate a range of attacks, encompassing phishing, malware, and credential-stuffing attacks. Deep Learning, a subset of A.I., empowers hackers to produce “Deepfake” content, which impersonates voices and manipulates videos to mislead users. With these capabilities, attackers can circumvent security systems, including voice recognition software.
These deceptive multimedia elements are being utilized to divert and deceive, frequently with malicious intent. Cybersecurity experts caution against deepfake-like social engineering attacks aimed at gaining unauthorized access to sensitive data.
Recognizing the magnitude of the threat posed by A.I.-fueled cyberattacks, elected officials, including the White House, are actively seeking solutions. Multiple executive orders underscore the national security threat these attacks pose, with the administration’s aim being to transfer the responsibility for cybersecurity away from individuals and small businesses to organizations better equipped to manage these risks.
While the surge in A.I.-enabled cyberattacks is cause for concern, there are steps that individuals and businesses can take to safeguard themselves. Implementing 2-Step Verification, using antivirus software on all devices, verifying website URLs, and remaining vigilant against phishing scams are crucial precautions. Logging off when not in use and reviewing and adjusting privacy settings are also vital for protecting your digital identity.
It is imperative that victims of cyberattacks understand their rights. Recent legislation, such as Illinois’ Biometric Information Privacy Protection Act (BIPPA), grants consumers the right to take legal action against entities responsible for data breaches. This local legislation has spurred advocacy for similar laws in various states, aiming to protect data and privacy.
In 2024, A.I. is poised to escalate cyberattacks to unprecedented levels. Protecting yourself and your business is of paramount importance. Staying informed, remaining vigilant, and taking action to defend your digital world is essential. The time to act is now.