Australian firms face rising AI-powered cyberattacks threat

Australian businesses are facing a new wave of cybersecurity risks as cybercriminals increasingly leverage artificial intelligence (AI) to conduct more sophisticated attacks.

AI has rapidly changed the landscape of cybersecurity, affecting both defence and offence. Cybersecurity Operations Lead at Borderless CS, Himali Dhande, has warned that the current pace of change means traditional security measures are no longer sufficient in addressing the emerging risks associated with AI-powered threats.

New tactics in cybercrime

Criminals have been quick to adapt AI for their own purposes, using machine learning technology to automate attacks, analyse targets, and create advanced phishing campaigns. AI now enables attackers to craft highly personalised messages by analysing social media activity and communication styles. This allows them to make phishing attempts more convincing and thus more likely to succeed.

Attackers are also making use of deepfake technology, which involves realistic fake audio or video clips that can impersonate executives or trusted individuals to carry out fraud. Additionally, AI can be used to mimic normal user behaviour and bypass detection systems, scan vast networks for vulnerabilities in real time, and adapt their techniques based on continuous feedback from failed attempts.

Dhande explained, "AI offers a powerful new arsenal. It enables them to: Launch smarter phishing campaigns by analyzing social media and communication styles to craft highly personalized messages. Create deepfakes (realistic fake audio or video clips) that can impersonate executives or trusted individuals to carry out fraud. Bypass detection systems by mimicking normal user behavior, making malicious activity harder to detect. Scan for vulnerabilities in real time across vast networks, enabling faster and more widespread exploitation. Unlike traditional cyberattacks that often require manual effort and time, AI-driven attacks are automated, scalable, and incredibly adaptive. They learn from failed attempts and continuously evolve to find new ways in."

The impact on Australian businesses

Australian organisations from various sectors, including government, healthcare, finance, and small business, have seen a recent uptick in AI-enhanced phishing and ransomware attacks. Dhande commented, "In Australia, businesses are increasingly being targeted by these advanced threats. A recent surge in AI-enhanced phishing and ransomware attacks has shown that no sector is immune - from government to healthcare, finance, and small businesses. For many, the threat feels invisible until it's too late. That's why proactive cybersecurity is no longer a luxury - it's a necessity."

Strategies for staying ahead

Businesses are being urged to take proactive steps to defend themselves against AI-enabled threats. Five key recommendations have emerged:

Firstly, the adoption of AI-driven security tools is crucial. Such tools use machine learning to monitor user behaviour, detect anomalies, and automate threat responses. "The best way to fight AI is with AI. Modern cybersecurity platforms use machine learning to monitor user behavior, detect anomalies, and automate threat responses. These tools help identify suspicious activity that traditional systems may miss - often in real time," said Dhande.

Secondly, implementing a Zero Trust architecture is recommended. This principle involves continuous authentication for every user and device, regardless of their location within or outside the organisation's network. "The Zero Trust model operates on the principle of 'never trust, always verify.' This means continuous authentication of every user and device, regardless of whether they're inside or outside your organization's network. It significantly reduces the attack surface and makes lateral movement much harder for intruders."

Another key measure is workforce education. Employee training is encouraged to help staff recognise phishing attempts, deepfakes, and other suspicious activities. Dhande said, "Human error remains one of the leading causes of successful cyberattacks. Training employees to recognize phishing attempts, deepfakes, and suspicious behavior is critical. Simulated attacks, regular workshops, and clear reporting procedures can turn your employees into your first line of defense."

Additionally, the use of real-time threat intelligence is highlighted. This gives businesses visibility into the latest trends and indicators of compromise. Dhande noted, "Real-time threat intelligence gives businesses visibility into the latest cyberattack trends and indicators of compromise. With this information, organizations can update their defenses proactively and avoid falling victim to emerging tactics."

Finally, for many organisations, it may be beneficial to partner with a dedicated cybersecurity expert. "Managing cybersecurity in-house can be overwhelming, especially for small and mid-sized businesses. Partnering with a dedicated cybersecurity provider like Borderless CS gives you access to 24/7 monitoring, expert incident response, and tailored security strategies. Our SOC-as-a-Service and threat intelligence solutions are built to identify and neutralize threats before they impact your operations," said Dhande.

Future of AI in security

"AI isn't going anywhere - and its influence in cybersecurity will only grow. The future will see a continuous battle between AI-powered attackers and AI-driven defence systems. The winners will be the organizations that move quickly, adopt smarter technologies, and foster a culture of cybersecurity awareness from the top down. Cybersecurity is no longer just an IT issue - it's a boardroom priority. The more connected and automated our world becomes, the more critical it is to defend against invisible, intelligent, and increasingly autonomous threats. By staying informed, investing in modern defenses, and working with trusted partners, your business can turn cybersecurity from a vulnerability into a strategic advantage."