76% of organizations are struggling to keep up with the sophistication of AI-powered attacks, according to CrowdStrike’s latest State of Ransomware Survey.
“Most organizations (87%) consider AI-generated social engineering tactics more convincing than traditional methods,” the report says.
“The sophistication of these attacks creates new challenges for human detection, as AI can craft contextually appropriate messages that exploit specific organizational or individual security gaps. The threat extends beyond current capabilities: 87% of organizations expect deepfakes to become major attack vectors in future ransomware campaigns, with healthcare organizations (89%) and C-level executives (90%) expressing the greatest concern.”
Additionally, the report found that many organizations are overconfident in their ability to defend against ransomware attacks.
“Of the organizations surveyed, 78% reported experiencing a ransomware attack within the past year,” CrowdStrike says.
“Of those, half believed they were ‘very well prepared’ for ransomware, but fewer than a quarter recovered from an attack within 24 hours. Nearly 25% suffered significant disruption or data loss. This is the confidence illusion: Organizations overestimate their ransomware preparedness as adversaries become more sophisticated in their use of AI-powered tactics. The threat landscape changes so rapidly that it’s easy for an organization to underestimate the sophistication of these modern attacks or misjudge its ability to recover.”
The researchers observed a similar phenomenon related to organizations’ confidence in their employees’ ability to spot phishing emails.
“Phishing was cited by 45% of victims as the initial point of compromise, making it the leading access vector for ransomware,” the researchers write. “Despite 92% of organizations believing their employees are well trained to spot phishing emails, many incidents began when staff members clicked malicious links or opened infected files.”
AI-powered security awareness training can give your organization an essential layer of defense against social engineering attacks. KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
CrowdStrike has the story.
