Generative AI Surges, Draws Attackers Attention

Netskope, a frontrunner in Secure Access Service Edge (SASE), recently unveiled new findings that reveal a significant increase in the use of generative AI applications among enterprise employees. The study, featured in Netskope’s yearly Cloud & Threat Report, highlights that over 10% of enterprise workers now use at least one generative AI app monthly, a substantial rise from just 2% the previous year. This trend not only marks the swift adoption of generative AI in business settings but also brings attention to the potential security challenges that may arise.

2023: A Landmark Year for Generative AI

According to Netskope’s research, over 10% of enterprise employees engage with a generative AI application at least once a month, a significant jump from 2% in the previous year. In 2023, ChatGPT emerged as the most favored generative AI tool in enterprises, claiming 7% of this usage. Netskope predicts that while overall usage of AI apps in businesses will continue to grow moderately, there will be a notable increase among heavy users, who are integrating these tools more deeply into their daily workflows.

Ray Canzanese,

The Threat Research Director at Netskope Threat Labs.

“As AI app utilization expands, the risk of exposing sensitive information like credentials and intellectual property also increases. To safely harness AI apps, companies need to implement robust controls and advanced data protection strategies, ensuring productive and secure AI usage.”

Growing Dependence on Cloud Applications

The year also saw a consistent rise in cloud application usage within enterprises. Users not only tried new apps but also intensified their use of existing ones. Key observations include:

• A 19% annual increase in the number of cloud apps used by enterprises, growing from 14 to 20 different apps in two years.
• Around half of all enterprise users interact with 11 to 33 cloud apps monthly, with the top 1% engaging with over 96 apps.
• The volume of interactions with cloud apps surged, from around 1,000 monthly activities per user two years ago to nearly 2,000 today.

Rise in Social Engineering Attacks

The most frequent initial attack vector in 2023 was social engineering, primarily due to its effectiveness against systems that quickly patch vulnerabilities and restrict remote access. Phishing and Trojans were the most common techniques, with phishing links being clicked by 29 out of every 10,000 enterprise users monthly.

Threat Landscape

The majority of threats targeting Netskope customers in 2023 were criminal in nature, with significant activity in Asia and Latin America. The report identifies top criminal groups originating from Russia and key geopolitical threat groups from China, with a focus on victims in Asia, particularly Singapore. Tools like Cobalt Strike were heavily used for deploying ransomware and other malicious activities.

Guidance for Organizations To combat these trends

Netskope advises organizations to:

• Restrict app access to those essential for business, establish approval processes for new apps, and continuously monitor for misuse or compromises.
• Prioritize the safe implementation and management of AI apps, including defining acceptable apps and setting up controls to maximize benefits while minimizing risks.
• Invest in mitigating social engineering risks through security awareness training and anti-phishing solutions.