heise PlusAbo
Anzeige

Study: Insider threats from AI are more dangerous than external cyberattacks

A comprehensive survey of IT security experts shows: Internal threats are now considered the biggest security challenge. AI plays a central role.

listen Print view
Person works at a desk with two monitors on which complex software and network diagrams are displayed.

Symbol photo

(Image: DC Studio/Shutterstock.com)

5 min. read
By

64 percent of cyber security experts now believe that malicious or externally controlled insiders pose a greater risk to IT security than external actors, according to a study spanning several continents. This is the result of the study "From human to hybrid attacks", published by the Californian cyber security company Exabeam. According to the study, 53 percent of participants state that insider threats have increased in the past year. 54 percent expect them to increase further in the next twelve months.

For the study, the market research institute Sapio Research, commissioned by Exabeam, surveyed a total of 1010 IT security experts including analysts, team leaders and executives from industries such as technology, finance, industry, healthcare, retail and the public sector in June and July of this year. The participants came from North America, Europe, the Middle East and the Asia-Pacific region. The majority work in organizations with more than 500 employees, which suggests a certain representativeness of the results for the areas covered.

According to the survey, 76 percent of companies report unauthorized use of generative artificial intelligence (AI) systems such as ChatGPT, Gemini or LLaMA by their employees. 74 percent believe that AI has already increased the effectiveness of insider threats – from phishing and identity theft to data exfiltration and fraud –. The threat surface is growing rapidly, according to expressed fears. Internal security teams are often inadequately prepared for this.

Europe: majority fear insider attacks

In the Middle East, the greatest concern worldwide is about insiders: 70 percent of respondents there see internal actors as the main threat in the area of IT security. The compromise of login credentials (26 percent) was mentioned particularly frequently. This suggests that the focus is on identity misuse and access control challenges. In North America and Europe, concern is relatively evenly split between external and internal actors, but tends to favor threats from internal employees (66% and 64% respectively). The EU Commission is desperately looking for IT experts due to the situation.

The Asia-Pacific region and Japan are an exception: 48% of participants continue to name external actors as the greatest threat. According to the analysis, this points to a regional threat model that focuses more on classic cyberattacks and potentially leads to a slower spread of attacks using AI or by insiders.

According to the study, AI-supported phishing is a global problem. However, regional differences illustrate a differentiated risk perception: Europe (32%) and the Asia-Pacific region (31%) are leading the way when it comes to concerns about AI-supported emails used to steal login data and social engineering. The Middle East (18%) is the only region where these types of attacks are not at the top of the list. Instead, 31 percent of respondents there cite the unauthorized use of ChatGPT & Co. as the biggest concern in terms of insider threats. At the same time, respondents from the Middle East have a higher level of confidence in their ability to defend themselves with the help of AI systems.

AI agents as a particular threat

"This year marks a turning point," says the study. AI is now perceived as an "operational enabler for insider threats". From identity theft to deepfake-based deception, the scale and sophistication of internal attacks are developing rapidly. Across all industries, 93% of respondents have already observed that AI is increasing the impact of insider attacks or expect this to happen in the near future. Technology companies (40 percent), financial service providers (32 percent) and public authorities (38 percent) are particularly affected. Overall, only 5 percent believe that AI will have no impact in this area.

Videos by heise

At the same time, AI agents are increasingly being integrated into work processes with real access data, the authors warn. These tools could act autonomously, perform tasks across systems and work with limited control. This is creating a "new category of non-human insiders that companies need to monitor and manage".

97 percent of the companies surveyed use AI to defend against internal risks. However, there is often a lack of control from above and operational maturity of the solutions used: Over half of managers assume that they are fully implemented. However, only 37 percent of team leaders and 40 percent of analysts confirm this. AI acts "like an accelerant" when it comes to insider threats, warns Exabeam's Head of Europe Egon Kando: "Attacks are faster, more inconspicuous and more difficult to stop." Companies urgently need to adapt their defense strategies to this new reality.

(nie)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten