Multichannel attacks are becoming a serious threat for enterprises – and AI is fueling the surge

Multichannel attacks pose a dangerous threat to businesses as attackers can disguise themselves more convincingly

George Fitzmaurice's avatar
By
published
in News
IoT security concept image showing network symbols on a blue background.
(Image credit: Getty Images)

Organizations are seeing a steep rise in multichannel attacks fueled in part by an uptick in AI cyber crime, new research from SoSafe has found.

94% of surveyed organizations reported an increase in multichannel attacks over the last year, referring to attacks in which threat actors utilize multiple platforms such as email and SMS.

This is in part because there are now so many channels for attackers to target, with cyber criminals able to exploit social media accounts and messaging apps to mimic legitimate communications.

AI also plays a part, with the report referring to one incident in which AI was used to generate a deepfake voice clone in tandem with communication via WhatsApp and Teams channels.

Latest Videos From

“Imagine a vice president receiving a call from the ‘CEO’ asking them to execute an urgent action, followed by a confirming message on another medium like Teams or Slack. The call creates urgency, and the follow-up adds credibility. Who wouldn't do as advised?” Sascha Giese, tech evangelist at SolarWinds, told ITPro.

“A sophisticated multi-channel attack could be the perfect crime, combining technical expertise, social engineering, a narrative, and an AI in a way that few organizations are equipped to defend against,” Giese added.

Respondents expect AI cyber attacks to grow in frequency across the board, the report found, with 91% expecting the threat and intensity of AI-based cyber attacks to increase over the next three years.

Though 96% of respondents recognized the importance of detecting AI-based attacks, only 26% rated their ability to do this as “high.”

Why are multichannel attacks so dangerous?

Businesses must be wary of this upward trend in multichannel attacks as they can be particularly effective ways for attackers to leverage vulnerabilities.

They can be particularly dangerous as they combine multiple prompts directed at a victim using more than one media type to create a sense of credibility, James McGodrick, head of security services at Systal, said.

“Examples of this could be an apparently legitimate voicemail from a CFO to a member of the finance team, immediately followed by a very convincing payment link sent via E-Mail which aligns with the content of the voicemail,” McGodrick told ITPro.

RELATED WHITEPAPER

The State of B2B Recommerce

(Image credit: B-Stock)

Maintain inventory turnover and minimize holding costs

As much cybersecurity training highlights the importance of double checking with the person who appears to have sent a communication, McGodrick said, multichannel attacks work by attempting to satisfy the victim that further corroboration is not needed.

“For this reason, multi-channel attacks can be particularly dangerous for organizations, even those who have already got user awareness training in place,” McGodrick said.

MORE FROM ITPRO

George Fitzmaurice
George Fitzmaurice
Contributor

George Fitzmaurice is a former Staff Writer at ITPro and ChannelPro, with a particular interest in AI regulation, data legislation, and market development. After graduating from the University of Oxford with a degree in English Language and Literature, he undertook an internship at the New Statesman before starting at ITPro. Outside of the office, George is both an aspiring musician and an avid reader.

Latest
You might also like
View More ▸