We have now entered into the “Era of AI Hacking”, according to NBC News, who have reported on a substantial increase in the number of reported threat incidents where AI has been used as a tool. Examples include impersonation, phishing, and wire transfers.

t was announced over the summer that the government document filesystem PACER, which allows authorized users access to case information, was breached by threat actors who had access to informant identities, sealed case documents, and other confidential legal and criminal information, according to Politico.

In August, the U.S. Chamber of Commerce released its fourth edition of Empowering Small Business: The Impact of Technology on U.S. Small Business. The report highlights how small businesses are using technology to grow, adapt, and stay competitive. 

AI Is Delivering Results 

Generative AI use among small businesses has jumped to 58%, more than doubling since 2023 (23%). Businesses using AI are seeing real gains: 85% reported increased sales, 84% saw higher profits, and 82% expanded their workforce.

AI adoption is booming—but so is cybercrime. Programs disguised as popular AI tools that contain malware are being planted by threat actors hoping to deceive companies jumping in and adopting AI. According to Cisco Talos, Cisco's "threat intelligence research organization", these programs may be downloaded by accident due to search result manipulation, in which tactics are used to make the illegitimate programs appear higher in the search results than others.

In an article titled Healthcare Data Breach Statistics, HIPAA Journal revealed that 2024 saw the single largest healthcare data breach on record, affecting 190 million individual records. This followed a record-breaking 2023, which saw 725 breaches containing over 133 million records exposed.

A 19-year-old from Massachusetts has pled guilty to being behind last year’s PowerSchool data breach, which affected 18,476 Massachusetts residents, with some students, families, and staff having their social security numbers and medical records exposed.

In April, Direct iT President and CEO David Javaheri flew out to a cybersecurity conference to present on the same stage as business luminaries Daymond John, Robert Herjavec, and Kevin O’Leary.

 

Javaheri believes that small businesses are being targeted by threat actors more frequently than ever before.

The FBI's Internet Crime Complaint Center (IC3) has issued an alert regarding a smishing scam impersonating road toll services. Smishing, a form of phishing that uses text messages to deceive recipients into providing personal information or clicking on malicious links, is a growing threat as more people rely on their mobile devices for communication and transactions.

According to a blog post on their website, Socure, a “leading provider of AI-powered digital identity verification and fraud prevention solutions”, has identified “over 9,100 fraudulent checking and credit applications spanning multiple financial institutions” that are created with the stolen identities of Massachusetts residents born between 1975 and 1990.

The attackers have been using specific email domains, such as Outlook.

The United States Attorney’s Office for the District of Massachusetts has secured the forfeiture of over $5 million, originating from victims of a sophisticated business email compromise (BEC) scheme. A BEC is a type of cybercrime where attackers use email fraud to deceive organizations into transferring money or sensitive information.