Nokia Says Cybercriminal Attacks Driven by Generative AI and Automation

Nokia just released its tenth Threat Intelligence Report indicating that cyberattacks on telecom infrastructure are accelerating, as cybercriminals increasingly use Generative AI and automation to increase the speed, volume, and attack sophistication. DDoS attacks increased from one or two a day to well over 100 per day in many networks from June 2023 to June 2024, according to the company, with North America seeing the highest number of cyberattacks due to the concentration and scale of telecom infrastructure and large enterprises in the U.S.

The report finds that botnets are the primary source of DDoS attack volume, with about 60% of DDoS traffic monitored by Nokia from June 2023 to June 2024. During that time, residential proxies became a prominent tool for more advanced application-layer attacks.

A botnet is a network of computers and devices controlled and used by cybercriminals to launch malicious activities, such as DDoS attacks and personal and sensitive information theft.

DDoS attacks have been fueled by the proliferation of hundreds of thousands of insecure IoT devices, which often have lax security protections and have gigabit and multi-gigabit broadband capacity that facilitate the spread of malware. They found that the most common malware in telecommunication networks was a bot that scans for vulnerable devices with weak encryption, passwords, or design flaws.

Although Generative AI enables faster, more sophisticated attacks, communication service providers are increasingly using the same technology to improve their response times and effectiveness against cyber threats. Cybercriminals are also increasingly targeting SoCs to exploit vulnerabilities in various components, such as firmware, software, and hardware interfaces.

Quantum computing is another area where new threats are emerging. The National Institute of Standards and Technology (NIST), which recently standardized the first algorithms that will form components of the world’s approach to counter the potential threats of quantum computing, is continuing to help shape security strategies globally.

According to Rodrigo Brito, Head of Security, Cloud and Network Services at Nokia, “The use of Generative AI and automation for nefarious purposes is leading to a stepwise increase in malicious actors’ capabilities and threat potential. The Threat Intelligence findings further reinforce the need for operators, vendors, and regulators to work more collaboratively to develop more robust network security measures, practices, and awareness.”