JAKARTA - The 2026 Global Incident Response Report from Palo Alto Networks' Unit 42, revealed that the use of AI has proven to increase the speed of attacks by only 72 minutes, quadrupling over the past year.
Senior Vice President of Unit 42 Consulting & Threat Intelligence at Palo Alto Networks, Sam Rubin said the complexity of the organization's system was precisely the gap that attackers took advantage of.
"The complexity of the organization has become the biggest advantage for the attackers. This risk is multiplied because the credentials are increasingly targeted by attackers, and they also use autonomous AI agents to bridge human and machine identities for independent actions," he said.
In the report, 87% of attacks involved two or more attack surfaces at once, ranging from endpoints, cloud computing, software-as-a-service (SaaS) platforms, and identity systems.
In addition, digital identities are the main entry point for attackers. Around 65% of the initial access of attacks comes from identity-based techniques such as social engineering and credential abuse. Meanwhile, system vulnerabilities account for around 22% of all attacks.
Browsers are also the main battleground in modern cyber attacks. Around 48 percent of attacks involve browsers, which are used to steal credentials or bypass local security controls.
The Palo Alto Networks report also found that another rising threat is attacks on third-party SaaS application supply chains.
The number of attacks of this type has increased 3.8 times since 2022 and now accounts for about 23% of total attacks, with perpetrators using OAuth tokens and API passwords to move laterally within the system.
To deal with increasingly fast attack cycles, Palo Alto Networks recommends a new security approach that goes beyond traditional perimeter protection.
Some of the recommended steps include:
Fortify security operations centers with AI and automation to respond to attacks within minutes Integrate security from the software development stage Modernize digital identity management, and Implement a zero trust security model that verifies every interaction in the system on an ongoing basis.The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
