CySecurity News - Latest Information Security and Hacking Incidents, EN

Enterprise Cyberattacks Accelerate as AI Speeds Threats but Human Errors Remain the Biggest Security Risk

 

Cyberattacks are hitting businesses more often, fueled by automation and AI that accelerate the exploitation of vulnerabilities. Yet despite increasingly sophisticated techniques, experts say human mistakes, weak passwords, and poor access controls remain the biggest causes of successful breaches. While threats continue to evolve, people are still the weakest link in cybersecurity. 

A recent report from Mandiant highlights how cybercriminal groups now operate through specialized teams. One group focuses on gaining access through phishing emails, malicious ads, or fake software updates, while another takes over to move through networks, steal data, or deploy ransomware.

Attackers are also moving much faster. The average handoff time between criminal groups fell from more than eight hours in 2022 to just 22 seconds in 2025. 

Vulnerabilities are increasingly exploited within days of disclosure, leaving organizations little time to patch systems before attacks begin.

Cyber threats generally fall into two categories: financially motivated criminals seeking ransom payments or stolen data, and espionage-focused actors aiming for long-term, hidden access. While most intrusions are detected within about two weeks, cyber-espionage campaigns often remain unnoticed for more than three months. 

Software vulnerabilities remain the leading attack vector, with technology and financial firms among the most targeted sectors. Researchers also observed a rise in voice-based social engineering, where attackers impersonate employees and contact IT help desks to bypass multi-factor authentication protections.

Artificial intelligence is increasingly being used by threat actors for reconnaissance, phishing, and malware development. Some malicious tools even search compromised systems for AI-related credentials and resources. 

However, researchers stress that AI is rarely the direct cause of breaches. Most incidents still stem from human error, weak security practices, misconfigurations, and excessive permissions.

Ransomware attacks are evolving as well. Instead of only encrypting files, attackers now target backup systems, virtualization platforms, and recovery tools. By disabling recovery options, they increase pressure on victims to pay ransom demands.

There are positive signs for defenders. 

More organizations are detecting attacks internally through improved visibility, monitoring, and threat detection capabilities. Earlier discovery allows security teams to respond faster and reduce potential damage.

Experts recommend stronger identity protection, continuous access verification, isolated backup environments, centralized login management, and behavior-based monitoring systems. 

As cyber threats continue to accelerate, many security professionals believe identity security has become the new perimeter, making proactive defense more important than ever.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: