Four thousand password attacks per second in the world: how the misuse of artificial intelligence drives the rise of cyberattacks

Luisa Esguerra, Security Solutions Manager at Microsoft SSA explains that cybersecurity should be at the center of all technological operations, no matter how big or small the company is. According to Esguerra, the IA has become a weapon for cybercriminals, who can now automate attacks at unprecedented speeds.

This trend is corroborated by Vasu Jakkal, Vice President of Security at Microsoft who points out that “we face one of the most complicated threat landscapes in history. The number of password attacks is 4,000 per second. Two years ago, we had 567 attacks per second. This type of crime is increasing,” he details.

While 48% of cyberattacks are aimed at financial gain, the remaining 52% focus on activities such as espionage, hacktivism or destabilizing governments. This increase in cybercrimes not only threatens the sensitive information of companies and governments, but could also affect countries’ critical infrastructure, such as energy networks and financial systems. The consequences of a large-scale attack can cause significant disruptions to daily life and lead to billions of dollars in economic losses.

Jakkal also highlights the speed with which these attacks occur: “The amount of time it takes for attackers to break into our systems and gain access to data has been dramatically reduced. It takes an average of 72 minutes from when someone accidentally clicks on a phishing link until an attacker gets into your system and gets your data, and even your entire inbox.”

How to protect yourself in a hostile digital environment

Faced with this increase in the sophistication of attacks, prevention has become more critical than before. Luisa Esguerra highlights that preparation and resilience are the keys to mitigating the damage caused by cyberattacks. If a company is not prepared to deal with a cybersecurity incident, the consequences can be devastating. “It is necessary for organizations to identify their most vulnerable assets, such as sensitive databases or key infrastructure, and protect them appropriately,” he recommends.

One of the most effective strategies to minimize cyber risks is to implement advanced technologies that not only detect anomalies and warning signs in real time, but also act proactively to contain threats before they cause further damage. Esguerra compares this technology to a security camera system in a building: “If you detect an intruder on the first floor, you can stop them before they reach the fifth.”

Likewise, cybersecurity systems based on artificial intelligence can monitor large volumes of data, identify suspicious behavior and neutralize possible attacks from their early stages. This early detection capability is not only important for preventing the spread of an attack, but also reduces response time, allowing organizations to contain the threat before it impacts their critical operations or exposes sensitive information. Furthermore, the expert highlights that these advanced solutions must be integrated with other mechanisms, such as multi-factor authentication and the creation of a cybersecurity culture, to guarantee more robust and efficient protection.

“Employees are often the weakest link in the security chain. The use of weak passwords or the lack of multi-factor authentication are common mistakes that make the work of cybercriminals easier,” he warns. Training employees and ensuring they follow rigorous security protocols is essential for the comprehensive protection of the organization. Regarding authentication technology, Esguerra recommends that companies eliminate traditional passwords and adopt more secure methods, such as biometrics or security tokens. These systems, such as facial recognition or fingerprints, are much more difficult to hack than conventional passwords, which can be easily compromised by advances in artificial intelligence.

How do today’s cybercriminals act?

Artificial intelligence has not only revolutionized cybersecurity defenses, but has also empowered attackers’ tactics. The same technology that allows threats to be detected and prevented is used by cybercriminals to perfect their attacks and increase their effectiveness. Vasu Jakkal, warns that “artificial intelligence is already being used by attackers to do things like reconnaissance, find information about targets, create malware and launch phishing attacks. We will see more password cracking and deepfakes in the near future.”

This means attackers can use AI to analyze large volumes of data and find vulnerabilities with unprecedented accuracy and speed. Additionally, the automation offered by artificial intelligence allows them to scale their operations, launching massive attacks that would be impossible to coordinate manually. For example, AI can generate personalized phishing emails in a matter of seconds, increasing the chances of success in these deception attempts. As new techniques are developed, such as AI-powered password cracking and the use of deepfakes to impersonate people, the threat landscape continues to become more complex.

Artificial intelligence is also an ally in security

Although AI has facilitated the expansion of cybercrimes, it can also become a valuable tool in combating digital crime. Andrés Rengifo, Director of Corporate, External and Legal Affairs at Microsoft SSA, indicates that artificial intelligence allows companies and organizations to detect patterns in data that humans could not identify, which improves the ability to respond to threats.

One of the biggest benefits of artificial intelligence is its ability to automate the detection of cyber threats in real time. “With the massive volume of data circulating today, traditional systems are not sufficient to analyze and respond to attacks effectively. However, the IA can analyze large amounts of information and detect irregularities more quickly and accurately than any human being. This not only allows for a more agile response, but also for better prevention of possible incidents.

In addition to its potential in cybersecurity, AI can drive significant advances in other areas. Rengifo emphasizes that by increasing trust in artificial intelligence, people and organizations will be able to reap its benefits without fear. “This is what happened with the adoption of past technologies, such as trains or automobiles, the key to integrating AI into society is to generate an environment of trust and security,” exemplifies Rengifo.

How to use artificial intelligence responsibly?

Microsoft has developed a set of standards to guide companies that decide to integrate artificial intelligence into their cybersecurity systems, with five key pillars:

• Responsibility: refers to constantly evaluating the impacts of artificial intelligence, monitoring any adverse effects and ensuring human control over systems, which helps prevent unwanted results or unexpected risks.
• Transparency: provide clarity in the operation of artificial intelligence, making the decisions it makes understandable to everyone and ensuring effective communication with key stakeholders.
• Equity: eliminate bias, ensuring that artificial intelligence does not perpetuate stereotypes or generate discriminatory results, thus promoting equal opportunities in all areas.
• Reliability and security: ensure that artificial intelligence systems are continuously monitored to prevent failures, while constant feedback and evaluation mechanisms maintain the highest standards of safety and quality.
• Privacy and inclusion– Ensure that all technology solutions strictly comply with privacy policies and are accessible to all people, regardless of their abilities.

Regulatory challenges: an uncertain future

Despite efforts to ensure the correct use of the artificial intelligencethere are still important challenges that must be addressed. Andrés Rengifo warns that the lack of updated regulatory frameworks is one of the biggest obstacles to the safe development of AI. “While Europe has made progress in creating regulations to regulate AI, many other regions are falling behind,” he notes. This lack of regulation exposes companies and governments to a greater risk of cyberattacks and abuses in the use of technology.

Intellectual property is another significant challenge. The ability of artificial intelligence to generate original content, whether text, images or music, has sparked debates about copyright and ownership of the final product. These legal issues have not yet been resolved, which adds a layer of complexity to the widespread use of this technology.

Finally, lack of trust in AI remains a major obstacle. For artificial intelligence to be widely and responsibly adopted, companies and users must be confident that systems are secure, reliable, and ethically designed. While the benefits of artificial intelligence are diverse, the regulatory and ethical challenges raise questions that have yet to be answered.