Understanding the security risks of AI is critical to safeguarding your business in today’s digital landscape. While AI offers significant opportunities across various industries, it also introduces new vulnerabilities to cyber threats. With the rise of unknown and zero-day threats emerging daily, hackers now have more sophisticated tools to exploit businesses and profit from cyberattacks.
Read on as we explore the many roles of AI in cybersecurity, demonstrating how it can both strengthen defences and unintentionally assist malicious actors in our increasingly open digital world.
The two sides of AI
AI is transforming business productivity and creating efficiencies like never before. However, AI is not just a tool in the hands of innovators; it’s also becoming a weapon for cybercriminals. The use of large language models (LLMs), such as ChatGPT and Microsoft Copilot, makes it a lot easier for cyber criminals to write malicious code or generate highly convincing and difficult-to-detect phishing emails.
In addition to ChatGPT, a range of other advanced AI technologies exist that can be misused by cybercriminals. These sophisticated AI tools enable them to target vulnerabilities, automate attacks, and develop more sophisticated methods of breaching security systems. These powerful tools allow bad actors to compromise even highly secure systems, posing a serious threat to sensitive information.
As AI advances, so do the strategies of cybercriminals, emphasising the need for strong and proactive cybersecurity measures.
How do hackers use AI in their attacks?
Sophisticated Malware
AI technologies, including ChatGPT, have the potential to create malware. Although ChatGPT can detect and reject requests to write malware code, as with many other requests that may seem harmful or criminal, cybercriminals can bypass these measures and easily get around them. By providing a detailed explanation of the steps to write the code instead of a direct request, ChatGPT will fail to identify this as a request to write malware and can effectively write it.
Cybercriminals with limited coding knowledge can exploit platforms to generate malicious code that bypasses traditional security measures. Being aware of threats and implementing the necessary steps to protect your organisation’s IT assets from malicious code is essential.
Personalised Phishing Attacks
Generative AI technologies such as ChatGPT and Microsoft Copilot can mimic human communication and can be used to generate content in a way that seems like it was written by a real person. Although this is an extremely powerful capability, it also opens the door for potential misuse, including criminal activities.
One of the most common signs of a phishing email is bad spelling and grammar mistakes. However, cybercriminals are now using AI technologies to create phishing emails that appear more convincing. By using AI, attackers can generate sophisticated emails that closely mimic genuine language, making it challenging for individuals to distinguish between legitimate and fraudulent messages.
Voice Manipulation and Vishing
AI’s capability to mimic text extends to voice cloning through sophisticated text-to-speech technologies. Vishing, a form of phishing carried out via phone or VoIP systems, becomes significantly more dangerous with the use of AI-powered voice cloning. Technologies like ElevenLabs can analyse and replicate a person’s voice, capturing details like pitch, tone, and accent, to produce speech that sounds identical to the original.
In a vishing attack, cybercriminals can use this cloned voice to impersonate trusted individuals, such as colleagues or superiors, tricking victims into divulging sensitive information. While there are genuine reasons for the use of this technology such as in customer service or TV and film, when misused, it presents a serious threat, enabling attackers to deceive victims with convincing impersonations.
Password Cracking
Tools powered by AI, such as PassGAN can compromise passwords in mere seconds by using a Generative Adversarial Network (GAN) to learn from real-world leaked passwords. Unlike traditional methods that require manual analysis, PassGAN automatically identifies patterns and methods used to create passwords, making the cracking process faster and more efficient, posing a significant threat to online security.
According to a 2023 study by Home Security Heroes, PassGAN can crack 51% of common passwords in under a minute, 65% within an hour, 71% in a day, and 81% in a month. Even 7-character passwords with symbols take less than 6 minutes to break. However, passwords longer than 18 characters, especially those containing symbols, numbers, and mixed-case letters, are significantly more secure, taking up to 6 quintillion years to crack.
How AI and machine learning can protect your business:
While AI introduces new risks, it also offers significant advantages in strengthening cybersecurity. Modern security solutions increasingly use AI and machine learning to identify and respond to threats more efficiently. These technologies allow the development of adaptive security systems that evolve with emerging threats, offering better protection over time.
For example, Endpoint Detection and Response (EDR) is an AI-powered anti-malware solution that monitors and analyses network behaviour, enabling fast detection and response to potential threats before they cause damage. This provides more time to identify root causes and fix vulnerabilities.
Similarly, Security Information and Event Management (SIEM) systems harness AI to process vast data streams, offering real-time threat detection and response. SIEM is particularly beneficial for organisations with complex networks and large data volumes.
Trying to protect your business can be overwhelming when the threat seems to increase by the day. However, proactive ways to strengthen cybersecurity for your business can be as simple as following the steps outlined below.
How can we combat AI security threats?
It is important to take preventive measures to protect yourself and your business. This can reduce the risk of being targeted by malicious activities. Below are several steps you can take:
- Multi-factor authentication (MFA): MFA helps prevent attacks by requiring users to provide multiple pieces of evidence to verify their identity. This typically includes something the user knows (such as a password) or something they have (such as a device or a smartphone). MFA makes it significantly harder for AI-driven attacks to gain unauthorised access. Even if an attacker manages to compromise one factor, the additional layers provided by MFA act as a strong barrier, making it harder for attackers to go any further.
- Using a password manager: Using a password manager will revolutionise the way you log in to your accounts – they help you create and store complex, unique passwords in a secure vault, removing the need to memorise them. By using a password manager, you can reduce the risk of data breaches caused by poor or reused passwords by 80%.
- Practising good cyber hygiene: Cybercriminals are much more likely to target those who lack security knowledge than IT professionals who will recognise a phishing or impersonation attempt. Cyber security awareness is critical so that your employees understand the risks, know how to spot threats and take the right actions accordingly.
- Keeping software up to date: Using outdated software increases the risk of a cyber-attack or breach, due to older versions of software being an easier gateway for cyber criminals by not having the latest security features. Hackers can find vulnerabilities in older systems and software that have not been updated with security patches or software updates.
- Using an email security solution: Implementing an email security solution, like Air IT E-mail Security, provides advanced protection against threats. It uses sophisticated, multi-layered detection engines and the latest threat intelligence to stop malware, spear-phishing and zero-day attacks. The software provides complete protection from malware and is highly effective in protecting against spam.
- Implement a data backup plan: It’s essential to have a data backup plan in place to ensure your business operations can continue should the worst happen. Transferring a copy of your backup data to a remote or cloud server will offer additional protection and make it easy to access your data, even if the primary backup becomes unavailable.
- Using a managed DMARC solution: A managed DMARC solution offers advanced protection against email-based threats by using sophisticated authentication and threat intelligence to prevent spoofing, phishing, and other malicious activities. By ensuring that only legitimate emails are delivered, it significantly reduces the risk of email fraud and enhances overall security.
AI is a transformative force. It offers boundless possibilities while introducing new cybersecurity challenges. By acknowledging the many roles of AI and adopting a proactive approach to digital security, we can embrace innovation without compromising safety.
Webinar: How is AI Impacting Email Security?
Join our CRO, Spencer Lea, and Dr Kiri Addison, Senior Product Manager at Mimecast, for an in-depth discussion on the impact of AI on email security.
With 75% of employees now using AI in the workplace, the technology offers immense potential, but it also presents new risks. Learn how cybercriminals are using AI to enhance their attacks and what you can do to stay ahead.
Plus, all attendees will receive a free threat scan, offering insights into your organisation’s security posture. Secure your spot now.
