Artificial Intelligence bolsters growth of cyber-attacks, audacity of cybercriminals

/in


Listen to this article

A year out from generative AI’s widespread release to the public, cybercriminals continue to finesse AI tools to bolster the scale, speed, scope, and stealth of their activities.

Horton

“AI-driven cybersecurity threats are developing at a place that we have not seen before due to advancements in machine learning and the ability to amplify existing attack methodologies,” said Brendan Horton, a security analyst in the FoxPointe Solutions Information Risk Management Division of The Bonadio Group

From January to February 2023, researchers from Darktrace – a global leader in cybersecurity AI – saw a 135% increase in novel social engineering attacks, corresponding with the widespread adoption of ChatGPT, which was released to the public in October 2022.

“AI isn’t really a new technology, but it has gained a new attraction in recent years,” Horton said. “Now with generative AI tools you don’t really have to be a sophisticated cybercriminal to launch a cyberattack.”

These cyberattacks include AI-powered botnets (a network of hijacked computers) and enhanced social engineering and phishing campaigns which are increasingly easier for employees to fall for.

Miller

“From a business standpoint, phishing emails that can lead to either ransomware or other threats are becoming more adaptive and they’re becoming more authentic because of AI,” said Tim Miller, chief information officer at Community Bank, N.A.

For example, in pre-generative AI, a phishing email sent to an employee in Rochester by an overseas bad actor pretending to be a vendor in Buffalo could have linguistic red flags that would alert the employee not to respond.

“AI doesn’t make mistakes like misspellings,” said Horton. “Now with generative AI, we are seeing highly personalized messages that seem a lot more credible and are difficult to distinguish as threats. We’re also seeing more deep fake technology emerging with deep fake photos and audio.”

Overall, it’s vitally important for organizations to continue to conduct solid cyber-hygiene, educate their employees regularly on continuously evolving cyber threats, and not be afraid to use AI to their advantage.

“This…

Source…