BT identifying 2,000 signals a second indicating possible cyber-attacks

BT identifies 2,000 signals indicating a potential cyber-attack across its networks every second, it has revealed, amid an “AI arms” race between businesses bolstering their defences and increasingly sophisticated hackers.

The telecoms company – which owns the mobile operator EE and Openreach, which has the biggest broadband network in the UK and international business operations – said hackers were attempting to weaponise AI for cybercrime.

In the past year, BT’s digital surveillance of its networks has identified an increase of more than 1,200% in new malicious scanning bots attempting to access systems.

The company said this showed cybercriminals were scanning for vulnerabilities through automated, “one-time use” disposable bots to try to evade existing blocking and security measures.

“Today, every business is a digital business,” said Tris Morgan, the managing director of BT security, at the company’s Secure Tomorrow conference on Thursday. “Tools like AI provide new routes of attack, but they can also be the first line of defence.”

BT said its data showed that web-connected devices were scanned more than 1,000 times a day by known malicious sources. The company said that while just over a fifth of scans were for legitimate security monitoring, 78% were malicious, indicating that hackers were looking for weaknesses in the online systems.

BT said that its analysis showed that while the IT, defence, and financial services sectors were the most popular targets for cyber-attacks, retail, education and hospitality were becoming increasingly popular targets.

Recent high-profile companies targeted by cyber-attacks include Transport for London, which is still battling an attack declared earlier this month that has forced it to cut some live data feeds serving travel apps such as Citymapper and TfL Go.

On Thursday, police said they had arrested a teenager from Walsall in connection with the cyber-attack on TfL , while the transport body said it had discovered that thousands of customers’ details might have been accessed.

In June, the US company Ticketmaster, which is enmeshed in a backlash over its dynamic ticket pricing strategy for the Oasis reunion tour , was hit by an attack that could affect hundreds of millions of customers.

Ben Owen, the former spy who fronts Channel 4’s Hunted, said that AI had not only lowered the bar for “rookie” hackers but was increasing the volume of possible attacks.

“Businesses are connecting more devices and adopting new AI tools every day,” he said, speaking at the event at BT’s Adastral complex, near Ipswich. “But hackers are using the same tech to break their defences. It’s an AI arms race that companies can’t afford to lose.”

On Thursday, the government said datacentres would be designated as critical national infrastructure in an effort to protect them from cyber-attacks and IT blackouts.

Peter Kyle, the science, innovation and technology secretary, said: “The threat from cybercrime is growing as some criminal activity tries to use new technologies to attack the digital systems that underpin our economy.

“That’s why we are introducing new measures to bolster the UK’s cyber defences. These steps underscore our commitment to protecting our economy, public services and the wider public from evolving threats, ensuring the UK remains a world leader in cyber resilience.”