Apr 25 2025

AI-Driven Ransomware Can Be Thwarted With Zero-Trust Networking

Businesses must modernize legacy systems and cybersecurity to prepare for the next wave of AI ransomware — and they must do it now.

Ghost ransomware attacks are on the rise, according to a joint advisory issued by the Cybersecurity and Infrastructure Security Agency, the FBI and the Multi-State Information Sharing and Analysis Center. 

The notice was part of an ongoing #StopRansomware series highlighting ransomware variants and threat actors and provides great information on these risks. The advisory explains that Ghost threat actors have been victimizing organizations across the globe, particularly in areas of critical infrastructure.

Ransomware remains a worrisome threat because it can expose sensitive data, render systems and networks inoperable, and require expensive containment and mitigation efforts. Increased reliance on IT support makes ransomware defense a priority for all organizations. 

To defend against these attacks, IT decision-makers must develop a stronger understanding of the most popular attack vectors and how they work. For example, Ghost relies extensively on the exploitation of known vulnerabilities to establish initial access to victims. Some of these vulnerabilities date back more than a decade, which explains why critical infrastructure and supervisory control and data acquisition systems are an attractive target.

With this in mind, cybersecurity leaders must take action by modernizing their legacy systems. At the same time, they must also actively prepare for the acceleration and increasing sophistication of ransomware attacks powered by a new source of havoc: artificial intelligence and machine learning.


AI-Driven Ransomware Attacks Are Growing in Sophistication

In its recent ransomware report, Zscaler ThreatLabz notes that ransomware attacks increased almost 18% year over year between 2023 and 2024, with AI-powered phishing and extortion techniques leading the charge.

Just as generative AI is changing how we interact with the information we use in our jobs and daily lives, it’s also upskilling threat actors. GenAI lets threat actors produce more convincing messages for phishing campaigns and makes it easier to conduct spear phishing at scale using algorithms rather than human efforts. 

18%: The approximate percentage by which ransomware attacks increased year over year between 2023 and 2024, with artificial intelligence-powered phishing and extortion techniques leading the charge.

Source: Zscaler, “ThreatLabz 2024 Ransomware Report,” July 2024

With just a simple prompt, GenAI can leverage publicly available information to generate tailored messages that appear authentic and credible enough to deceive targets and ultimately increase the success rate of social engineering attacks.

Gone are the days of the advance payment scam; AI-driven ransomware is highly sophisticated, often leading to targeted, personalized and convincing schemes. The escalating risk underscores the need for businesses to modernize their cybersecurity defenses. 


Why Zero-Trust Networking Best Addresses Vulnerabilities

Any company with vast amounts of sensitive data is a lucrative target for AI ransomware attacks. But what are the defense strategies?

For starters, cybersecurity leaders must modernize their legacy IT infrastructure wherever possible. They must also adopt proactive security measures, including zero-trust networking, to stay ahead of threat actors.

However, this effort is tougher for small businesses, which often operate with limited resources and may struggle to modernize legacy systems.

Since AI-driven ransomware can bypass traditional network security, including VPNs and perimeter-based security, zero-trust networking is the best way to catch breaches early and often, especially those that involve exploitation of legacy systems.

Zero trust eliminates implicit trust not only by verifying users, endpoints and applications — both outside and inside the network — but also by ensuring users access only what they need. This is in stark contrast to traditional castle-and-moat networking. With zero-trust networking, if attackers gain initial access, they can be constrained from moving laterally to impact more machines.  
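The contrast described above, as an added example that is not part of the original article: a small Python policy check comparing a castle-and-moat decision (trust by network location) with a zero-trust decision (verify user, endpoint and entitlement on every request). The user names, application names and the 10.0.0.0/8 range are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL_NET = ip_network("10.0.0.0/8")  # constructed internal address range
APPS = ["scada-hmi", "payroll", "file-share", "backup-server"]  # constructed

# Constructed least-privilege map: each user gets only the apps they need.
ENTITLEMENTS = {
    "hmi-operator": {"scada-hmi"},
    "payroll-clerk": {"payroll"},
}

@dataclass(frozen=True)
class Request:
    user: str
    src_ip: str
    app: str
    mfa_verified: bool = True    # user identity verified for this session
    device_healthy: bool = True  # endpoint passed its posture check

def perimeter_allows(req: Request) -> bool:
    """Castle-and-moat: any request from inside the network is trusted."""
    return ip_address(req.src_ip) in INTERNAL_NET

def zero_trust_allows(req: Request) -> bool:
    """Default deny: verify user and endpoint, then check entitlement."""
    if not (req.mfa_verified and req.device_healthy):
        return False
    return req.app in ENTITLEMENTS.get(req.user, set())

def reachable_apps(decide, user, src_ip, **posture):
    """Apps one account on one host can reach under a decision function."""
    return sorted(a for a in APPS
                  if decide(Request(user, src_ip, a, **posture)))

if __name__ == "__main__":
    # Same account on the same internal legacy host, two trust models.
    who, host = "hmi-operator", "10.20.30.40"
    print("perimeter :", reachable_apps(perimeter_allows, who, host))
    print("zero trust:", reachable_apps(zero_trust_allows, who, host))
    print("zero trust, failed posture check:",
          reachable_apps(zero_trust_allows, who, host, device_healthy=False))
```

Under the perimeter model the account reaches every internal application; under zero trust it reaches only its entitled one, and nothing once the endpoint fails verification.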

IT Leaders Should Enforce Stricter Security Controls Now

Threat actors will not wait for IT leaders to modernize their systems and implement new security controls before attacking. They’ll continue to exploit legacy systems as a way in — only now, they’ll use ransomware to do it more effectively. 

The #StopRansomware series makes an urgent case to adopt new security approaches, including zero-trust network architecture. The time to embrace change is now.
