AI

AI-enhanced ransomware attacks in the UK necessitate ERP security

In today’s digital age, it’s becoming more common to hear phrases like “Our systems are down,” whether you’re at a school, doctor’s office, or company office. This isn’t just a technical glitch, it’s often a symptom of the rising wave of cyberattacks, particularly ransomware. These disruptions aren’t just inconvenient. They can lead to significant financial and operational losses. Despite efforts by government regulators to address these concerns, ransomware attacks are becoming more sophisticated, especially as attackers leverage artificial intelligence to amplify their tactics.

To better gauge the fallout of these attacks, we surveyed 500 senior cybersecurity professionals across the UK and found that 83% of organizations had experienced ransomware attacks in the last year, with 46% reporting four or more incidents. Furthermore, 61% of businesses affected by ransomware reported being offline for at least 24 hours. For large enterprises, this level of downtime can translate to losses in the millions of pounds.

The data underscores the urgency of addressing these threats with more effective, comprehensive cybersecurity strategies.

JP Perez Etchegoyen

CTO of Onapsis.

ERP systems are a blind spot

One of the most concerning findings from the research is the vulnerability of enterprise resource planning (ERP) software to ransomware attacks. ERP systems are critical to modern business operations, managing everything from financial data and human resources to supply chains and customer relationships. Unfortunately, 89% of organizations that experienced ransomware attacks reported that their ERP systems were targeted. Given that ERP systems house a company’s most sensitive and essential data, this vulnerability represents a significant blind spot in many organizations’ cybersecurity defenses.

The challenge is compounded by the fact that ERP systems are often managed separately from other IT infrastructure, which can lead to gaps in protection. Cybersecurity teams may focus on securing a broader network, while ERP administrators concentrate on ensuring system performance and uptime. This lack of coordination can create vulnerabilities that cybercriminals are eager to exploit

AI multiplies attack impact

As ransomware becomes more prevalent, attackers are increasingly leveraging AI to enhance the sophistication of their attacks. AI allows cybercriminals to automate and scale their operations, targeting specific systems like ERP with precision. For example, cybercriminal organizations are using AI-driven phishing tactics to target high-level government officials and businesses to bypass traditional defenses, using cloud platforms such as Dropbox and Google Drive to deliver malicious payloads.

The use of AI in cyberattacks also opens the door to more complex manipulations, including the creation of deepfakes and highly personalized phishing emails. These tactics deceive even experienced cybersecurity professionals, highlighting the need for more advanced defensive measures. The traditional approaches to cybersecurity, which often focus on perimeter defenses, access controls, and identity management, are no longer sufficient.

Businesses investing in new solutions

Survey data indicates that just over half of companies are enhancing their security postures: 57% are investing in new solutions, 54% are prioritizing employee training, 53% have added more cybersecurity staff internally, and around 36% have hired external threat research firms. While these measures represent a positive shift, they are only part of the solution. To fully address the growing complexity of cyberattacks, companies must move beyond general cybersecurity measures and incorporate ERP-specific threat detection and response into their broader strategies.

Traditionally, many organizations have viewed ERP security as secondary to more visible components like network or endpoint security. This mindset needs to evolve. ERP systems are built on top of very complex technology, that if not managed properly can be just as vulnerable, if not more, than other components of the IT landscape, due to the sensitive nature of the data these business critical applications store. Continuous monitoring for vulnerabilities is essential, as is the use of AI-driven tools to detect suspicious behaviors before they escalate into more severe threats. A comprehensive ERP security strategy must also include advanced threat intelligence to stay informed of emerging risks and respond to them swiftly.

A critical aspect of defending ERP systems involves better alignment between cybersecurity teams and ERP administrators. These groups must collaborate closely to identify and close security gaps that attackers often exploit. Given the integral role ERP systems play in a company’s overall operations, ensuring that these two teams work together to monitor and defend these systems is vital for minimizing risks and preventing potential breaches.

The path forward: Using AI to fight AI

As the threat landscape evolves, solution providers in the cybersecurity space are offering increasingly advanced AI-driven tools that can help organizations safeguard their ERP systems. These tools can automate the detection of vulnerabilities, offer real-time threat intelligence, and provide pre-emptive patching solutions. Additionally, AI-enabled security solutions can help organizations detect patterns and behaviors that indicate cyberattack, allowing them to respond more quickly and effectively. This is particularly important in ERP environments, where a delay in response could lead to massive operational downtime and data loss.

While technology will undoubtedly play a key role in defending against AI-enhanced ransomware, it’s equally important for organizations to foster a culture of cybersecurity awareness. Employees should be trained to recognize the signs of phishing and social engineering attacks, as many ransomware incidents begin with seemingly innocuous emails or links. By combining advanced technological solutions with continuous employee education, organizations can better protect themselves from evolving threats.

Looking ahead, AI will play a dual role in cybersecurity, both as a tool for cybercriminals and as a key part of the defense strategy. To protect critical systems and sensitive data, businesses must adopt advanced, multi-layered security solutions that can detect, prevent, and respond to AI-enhanced threats. By taking a proactive approach, organizations can not only safeguard their operations but also ensure long-term resilience in an increasingly hostile cyber environment.

We’ve featured the best business VPN.

This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Leave a Reply