In 2023, generative AI tools exploded onto the scene. It opened up a wealth of new possibilities but also plenty of controversy and concern as well. Artificial Intelligence (AI) is revolutionising yet challenging the domain of cyber security. In this blog we explore the multifaceted role of AI as a friend, foe, or perhaps both.
The Rise of Deepfakes & Generative AI
Advancements in AI have led to the inception of deepfakes and generative AI, creating hyper-realistic fabrications of reality.
AI can create audio and video deepfakes, which are synthetic media where a person in an existing image or video is replaced with someone else's likeness. These are used to impersonate individuals, often high-profile figures, to manipulate, extort, or spread misinformation. Deepfakes increasingly possess the unnerving ability to alter faces, mimic expressions, and synthesise voices. This technology has proliferated across the internet, leading to videos of world leaders with mimicked voices that have the potential to tarnish reputations, impersonate officials, or even impact financial and stock markets.
With major elections due to be held in the UK, USA and elsewhere in 2024 we can be sure that such tools will play a role. Outside influence from hostile states or just underhanded tactics by political groups will no doubt use deepfakes to try to sway voters and with the ability to spot disinformation becoming increasingly difficult the impact on the outcome of such elections could prove to be a threat to the democratic process itself.
More alarmingly, it aids in financial fraud through the generation of counterfeit IDs, social engineering and even voice impersonation. The proliferation of such technology necessitates a robust cyber security response to mitigate these risks.
AI's Role in Social Engineering
Social engineering attacks have taken a sophisticated turn with the integration of AI. Modern algorithms can now emulate human conversation so convincingly that they significantly amplify the potential for manipulation. AI-powered bots engaging in realistic interactions pose a formidable threat, making the detection of malicious intent more challenging than ever. Here’s just some ways AI is being used:
Phishing Attacks: AI can generate convincing phishing content by analysing large datasets of legitimate messages. It can customise phishing emails or messages to mimic the style or tone of communication from trusted individuals or organisations, making the fraudulent messages more convincing.
Automated Social Engineering: AI can automate the process of gathering information about a target through social media platforms and other public sources. It can then use this information to craft personalised and convincing attacks. Bots can engage targets in conversation on social platforms, gradually manipulating or extracting sensitive information.
Speech Synthesis and Voice Recognition: AI can mimic voices convincingly, leading to voice phishing (vishing). Attackers use synthesized voices of trusted individuals to trick victims into revealing sensitive information or making transactions.
Behavioural Analysis: AI can analyse the behavior of individuals on networks to understand when they are most vulnerable. For example, identifying when someone is likely to be less vigilant, such as late in the workday, and targeting them with attacks at that time.
Profile Cloning and Impersonation: AI can create fake profiles that look incredibly real on social networks. These profiles can be used to connect with individuals and gradually gain trust or to infiltrate groups to spread malicious content or spear phishing attacks.
Interactive Chatbots: Advanced AI chatbots can mimic human conversation, engaging potential victims in dialogue. They are used on websites or in messaging services to build trust or phish for information subtly over time.
AI's Impact on cyber security in 2024
In response to the growing threats, AI and generative AI technologies are increasingly incorporated into security tools.
According to a Twitter poll conducted by Integrity360 in 2023, 73% of respondents recognise AI's growing importance in security operations and incident response. AI's ability to process large volumes of data and triage information rapidly allows for more efficient security responses. It elevates the role of security professionals, enabling them to focus on high-value tasks and strategic defenses.
Despite the escalating threats, AI can also fortify defenses. As AI learns to discern normal behavior in specific environments, malware and other cyber threats must become more sophisticated and tailored to individual targets. Thus, as the threat landscape evolves, so too do the defenses, becoming more adept and resilient.
The role of MDR
As AI-enabled attacks increase, organisations need all the help they can get to keep pace with the speed, scale, and adaptive intelligence of this technology.
MDR might just be the resource these organisations require to regain the upper hand against AI threats. This service is composed of highly skilled cyber security experts who conduct 'managed detection and response' tasks for clients. These tasks encompass investigative threat hunting, 24/7 monitoring, identifying and responding to threats, as well as directed remediation.
A balanced approach to AI in cyber security
AI stands at the crossroads of promise and peril. Its capabilities to innovate and streamline are undeniable, yet it brings new vulnerabilities and challenges.
The key to harnessing AI's potential while safeguarding against its threats lies in informed and vigilant management. By understanding the complexities and staying ahead of the curve, we can navigate this dual-natured technological landscape, ensuring AI remains more of a friend than a foe in the realm of cyber security.
If you are worried about cyber threats or need help in determining what steps you should take to protect yourself from the most material threats, please Get in touch to find out how you can protect your organisation.