AI Attacks. What's the risk?

Yesterday at 1st Tuesday I had the privilege of seeing Ashwin Ram and his talk on "Artificial Intelligence and the Evolving Threat Landscape: Preparing for What's Next".

While as a whole I believe AI is a net positive for society, Ashwin, who works for Check Point (don't hold that against him), spoke of the many dangers AI presents today and in the future.

Amusing was the fact that Ashwin and his research team had created a phishing scam (not to be actually used, of course!) with ChatGPT, using a specific URL.

The output was perfectly usable, made absolute sense, and would likely fool all but the keenest observer.

He then followed up by asking ChatGPT if it had ever created a phishing scam template, which it denied. He then asked if it had created one using the specific host he mentioned. It denied that too.

While this is an amusing anecdote, it is also a little scary. AI can create output and then refuse to accept it has created this output, against its own programming.

He also did the same and had ChatGPT create an advanced malware sample using a structured request designed to get around ChatGPT's filters. The output, to my eyes, looks spot on. What does this mean? It means even the most inexperienced of attackers can create malware, and keep doing it. It's also going to get easier.

Another interesting anecdote was the executive from a Fortune 500. He uploaded a document destined for the board in order to consolidate his findings. Of course, AI not only corrected it for him, it learned from it. Those non-public findings are now public and available as part of the dataset available for end users when asking questions.

Question: Does your organisation have an AI acceptable use policy?

Obviously defense capabilities are still in their infancy, with both Palo Alto Networks and Check Point Software (as well as others!) selling solutions which will help combat this. With the speed that AI-based attacks are being developed, it's a constant battle where, if you fall behind, disaster can strike quickly.

With the extremely small cost involved now in developing malware, we are going to find AI attacks targeting smaller and smaller organisations. No more is the old "I'm too small to attack!" mantra going to stick. If you've got money, they want it.

I decided to ask ChatGPT what its thoughts were on AI-based attacks, and how best we can combat them.


"Hey ChatGPT, tell me about defending corporate networks from AI based attacks including custom malware and phishing."


Understanding the AI Threat Landscape

Before diving into defense strategies, it's essential to comprehend the AI-powered threats that your organization may encounter:

  1. AI-Powered Malware: Cybercriminals leverage AI to create custom malware that can adapt, learn, and evade traditional security measures.
  2. AI-Enhanced Phishing: AI can automate and personalize phishing attacks, making them more convincing and difficult to detect.
  3. Scalable Scams: AI can automate the generation of deceptive content, such as fake news articles or social media posts, to manipulate public opinion or target individuals.

Defense Strategies

1. AI-Driven Security Solutions:

  • Invest in advanced AI-based cybersecurity solutions that can detect and respond to AI-powered threats. These solutions use machine learning to analyze network traffic and identify anomalies indicative of attacks.
  • Implement AI-driven threat intelligence platforms that can predict and preemptively defend against emerging threats.

2. User Education and Awareness:

  • Train employees to recognize and report phishing attempts. Conduct regular cybersecurity awareness training to keep staff informed about the latest AI threats and scams.

3. Multi-Factor Authentication (MFA):

  • Enforce MFA for accessing sensitive systems and data. Even if attackers steal login credentials, MFA can provide an additional layer of security.

4. Email Filtering and Anti-Phishing Measures:

  • Implement robust email filtering solutions that can identify and block phishing attempts. AI-driven email security tools can help detect suspicious content and attachments.

5. Behavioral Analysis:

  • Use AI to monitor user behavior and network activity. Deviations from established patterns can be flagged for investigation, helping to detect AI-driven attacks.

6. Regular Software Updates and Patch Management:

  • Keep all software and systems up to date to patch vulnerabilities that could be exploited by AI-driven malware.

7. Incident Response Planning:

  • Develop a comprehensive incident response plan that includes strategies for addressing AI-based threats. Ensure that your organization can quickly and effectively respond to security incidents.

8. Collaboration and Information Sharing:

  • Collaborate with industry peers and share threat intelligence to stay informed about emerging AI threats and effective defense strategies.



Number 1? Invest in AI defense solutions. Again, this kind of technology is in its infancy, and is not 100% effective. However, in conjunction with everything else listed there? I would absolutely recommend investigating it for your business.

Overall, AI attacks are a growing concern for businesses as AI technologies become more powerful and accessible. While the risk can vary, it's essential for organizations to take a proactive approach to cybersecurity, continually assess and improve their defenses, and stay informed about emerging threats to mitigate the risk of AI-based attacks. Investing in cybersecurity measures, employee training, and threat intelligence can help reduce the potential impact of these threats on a business.


Thanks to Laura F. and Kate Dill-Russell for running the latest 1st Tuesday. If anyone out there would like to start attending, please get in contact!



If you want to speak to someone about how we can help in defending your network, big or small, please contact Fastcom Limited or Brent Addis directly.



Ashwin Ram

Top 100 Innovators 2023 & 2024 - The Australian | Cyber Security Evangelist (Office of the CTO) | Keynote Speaker & Thought Leader | Trusted Cyber Advisor | CISM Certified

1 year ago

Great write up Brent Addis. I'm glad you found the session useful.

Kate Dill-Russell

Vendor Manager, Cyber AU/NZ

1 year ago

Great to see you again!

Laura F.

National Sales Manager @ Sektor Duo | Executive MBA

1 year ago

Thanks for coming along. Glad you enjoyed Ashwin's talk

John Duncan

UCaaS | Cloud | Network | Security

1 year ago

Thanks for sharing Brent Addis
