AI-powered attacks are a reality that cyber security teams face every day. However, defensive AI solutions also offer organizations the ability to protect against these threats in the future. As the old expression goes the world of cyber security is no different. Artificial intelligence (AI) based cyber-attacks allow hackers to penetrate networks and find critical data assets before security analysts can detect them.
Unfortunately, AI-powered attacks are not a science fiction invention, but a reality that security teams face every day.
For example, the widespread adoption of generative AI tools, such as ChatGPT and Bard, appears to have led to a dramatic increase in phishing attacks. A report by cyber security vendor SlashNext found that there has been a 1,265% increase in malicious phishing emails since the launch of ChatGPT.
2024 Cyber security And AI Revolution:
For years, defenders have debated how AI can be used in cyberattacks, and the rapid development of large language models (LLMs) has raised concerns about the risks they present.
In March 2023, anxiety over automated attacks was so great that Europol issued a warning about the criminal use of ChatGPT and other LLMs. Meanwhile, NSA Cybersecurity Director Rob Joyce warned companies to “ buckle up ” against the weaponization of generative AI.
Since then, threat activity has been increasing. A study, published by Deep Instinct, surveyed more than 650 senior security operations professionals in the US, including CISOs and CIOs, and found that 75% of professionals witnessed an increase in attacks in the last 12 months.
Suppose we identify 2023 as the year that generative AI-led cyberattacks moved from a theoretical to an active risk. In that case, 2024 is the year organizations must be prepared to adapt to them at scale. The first step to this is understanding how hackers use these tools.
Exploiting Large Language Models in Cyber Security
There are several ways threat actors can exploit LLMs, from generating phishing emails and social engineering scams to generating malicious code, malware, and ransomware.
Mir Kashifuddin, Head of Data Privacy and Risk at PWC US, told Techopedia:
The accessibility of GenAI has lowered the barrier to entry for threat actors to exploit it for malicious purposes. According to PwC’s latest Global Digital Trust Insights survey, 52% of executives say they expect GenAI to cause a catastrophic cyberattack in the next year.
Not only does it allow them to quickly identify and analyze the exploitability of their targets, but it also allows them to increase the scale and volume of attacks. For example, using Gen AI to classify a basic phishing attack quickly makes it easy for adversaries to identify and trap susceptible individuals.
Use of AI In Cyber Security Good
As concerns about AI-generated threats grow, more organizations are looking to invest in automation to protect against the next generation of fast-moving attacks. According to a study by the Cyber Security Industry Association (SIA), 93% of security managers expect generative AI to impact their business strategies in the next five years, and 89% have active AI projects in their research lines. and development (R&D).
After all, if cybercriminals can create large-scale phishing scams using language models, defenders need to increase their ability to defend against them, since relying on human users to detect scams every time they encounter them isn’t enough.
At the same time, more organizations are investing in defensive AI because these solutions offer security teams a way to reduce the time needed to identify and respond to data breaches while freeing up the manual administration required to run a center. security operations team (SOC).
Organizations cannot afford to manually monitor and analyze threat data in their environments without the help of automated tools because it is too slow, especially considering a 4 million cybersecurity workforce shortage.
Part of these defenses may involve using generative AI to sift through threat signals, one of the core values of LLM-based security products launched by vendors such as Microsoft, Google, and SentinelOne.
The Role of LLMs in the Cyber Security Or AI Market
One of the most significant advances in cybersecurity AI came last April when Google announced the launch of SEC-PaLM, an LLM designed specifically for use in cybersecurity, which can process threat intelligence data to deliver capabilities detection and analysis.
This release led to the development of two interesting tools: VirusTotal Code Insight, which can analyze and explain script behavior to help users identify malicious scripts, and Breach Analytics for Chronicle, which automatically alerts users about active breaches in the environment along with contextual information so they can keep track.
Similarly, Microsoft Security Copilot uses GPT4 to process threat signals taken from a network and generates a written summary of potentially malicious activity so human users can investigate further.
While these are just two products that use LLM in a security context, more broadly they highlight the role they play in the defensive landscape as a tool to reduce administrative burdens and improve contextual understanding of active threats.
Conclusion Of Cyber Security And Ai
Whether AI is a positive or negative for the threat landscape will depend on who does it better: attackers or defenders.
Let’s assume that defenders are not prepared for an increase in automated cyberattacks in the future. In that case, they will be vulnerable to exploitation. However, organizations that adopt these technologies to optimize their SOCs not only have the option to avoid these threats, but they can also automate the less rewarding manual work in the process.