The dark side of the AI boom
Artificial intelligence has quickly been abbreviated to AI in day-to-day conversation, signalling a growth in awareness of its role in our lives, jobs and futures. However, a more sinister side sits alongside the boom in AI-driven technology and the advantages that widespread AI adoption can bring. When AI powers cybercrime strategies, the threat to our computer systems, banking security and personal information safeguards is often greater.
AI-enhanced attacks are rapidly becoming the norm, and those most at risk are SMEs. Almost half (46%) of cyberattacks target small and medium-sized businesses. Notably, a quarter of the SMEs attacked in 2024 believed AI had been involved. Against this backdrop, nearly nine in ten SMEs (86%) feel “unprepared” to spot AI threats, and 64% say AI threats are outpacing their organisation’s ability to protect against them.
AI is a valuable tool for cybercriminals, who can earn substantial amounts from phishing attacks and ransom payments. Phishing emails, until recently, were fairly easy to spot, with cybercriminals deploying poor English, making obvious spelling mistakes and using amateur copies of company logos. AI adds a vastly enhanced level of sophistication. The language is more polished, and the correspondence is more context-aware. Attacks are increasingly tailored to an individual business, and information about key personnel and businesses is quickly scraped from online sources. Details that could previously have taken a cybercriminal months to collate are pulled together in seconds.
Due diligence in checking that people are who they say they are, own the bank accounts they claim to operate, and are legitimately seeking engagement should become habitual. Unfortunately, deepfake attacks are on the rise. Impersonation of real company directors and other managers and decision-makers is now a factor in one in seven targeted scams.
Phishing and the internal threat
Phishing thrives on the use of AI. The Cyber Security Breaches Survey 2025, by the Department for Science, Innovation and Technology (DSIT) and the Home Office, found 85% of businesses and 86% of charities attacked by cybercriminals in the past 12 months were phishing victims. The survey noted that sophisticated methods, such as AI impersonation, are now becoming “mainstream.” The survey also estimated that UK businesses experienced 8.58 million cybercrimes, of all types, within the year. Ransomware’s role had increased significantly, as cybercriminals sought to force businesses to pay to restore their systems.
Worryingly, businesses face threats not only from cybercriminals outside the organisation, but sometimes from the enemy within. An insider threat has been exposed by one BBC reporter, who was approached by cybercriminals using an encrypted app. They offered a share of the ransom to be demanded of the corporation to restore its systems, a payment that would enable him to “never work again,” in their words. In return, they sought his login and password, or for him to run computer code on his work computer and report back on the result. In this instance, the reporter reported the contact. Not all employees may be able to resist such an offer.
Protecting against a cyberattack
Businesses have to control risks both in their main workplace and in the homes of remote workers. Some are trying. The Cyber Security Breaches Survey noted an elevated adoption of some cybercrime prevention methods, but there is a worrying detail within the figures.
Only 19% of businesses train employees in cyber prevention. Less than a third (31%) use a VPN through which remote staff can connect. 41% of businesses have no formal cyber procedures. Around half (47%) have not drawn up a cyber business continuity plan. This is despite a notable increase in temporary loss of access to business files and third-party services, as reported by those businesses attacked in the past year.
The need for the right cyber insurance
Whilst cyber insurance policies are now more commonly purchased, businesses may not necessarily have bought the right cover for their business recovery needs. Some cyber insurance policies merely offer compensation for losses. The most useful cyber insurance policies, on the other hand, offer immediate access to cyber-focused IT experts, able to quickly launch a forensic examination of the attacked IT system. Speed is of the essence. Having a proactive policy that can also identify areas of IT weakness before an attack occurs is another advantage. Using AI, criminals can quickly identify businesses with easy-to-exploit system loopholes, making these prime targets.
Cybersecurity has moved way beyond installing anti-virus software or updating software. The capacity for human vulnerability is greater than ever in the AI-driven cybercrime world. Genuine errors regularly occur. Staff may be tempted to become an insider threat. Having a contingency plan in place to cope with an attack’s impacts is vital, as is access to professional cyber-expert help. Sit these core elements alongside enhanced staff training in today’s sophisticated phishing tactics, deepfakes and impersonation, and back this with the use of VPNs for remote workers and the limiting of access to company passwords. The AI-backed cyber threat then has a much better chance of being repelled.
To discuss a cyber insurance policy that will provide the right level of assistance before and in the event of an attack, and to access help in preparing a cyber business continuity plan, speak to one of our brokers today.
