Thoughts on countering AI-powered cyber threats

As exciting as AI and gen AI are, we all know there are concerns about their misuse and risks. These necessitate considerations in strategy and approach to protect environments and reap the benefits.??

Cybercriminals are eager to use the potential of gen AI, leading to more gen AI-powered attacks. Accenture Cyber Threat Intelligence research indicates there has been a notable surge in ransomware attacks, for example, which have risen 75% since the launch of ChatGPT at the end of 2022.? ?

Most attacks we see are through social engineering—phishing attacks that are no longer mass spam campaigns but instead highly tailored and sophisticated. They may be deepfakes of company executives presenting realistic requests. These types of attacks are typically more difficult to detect, and their numbers have also surged since the launch of ChatGPT (SlashNext State of Cyber Phishing Report 2023).??

We are also seeing threat actors experiment with dark LLMs to create ransomware, which is distributed with high levels of obfuscation. And we are seeing threat actors move from pure ransomware to data-driven ransomware in order to tune data to launch sophisticated secondary and tertiary attacks against organizations. Attacks like these are new, and many organizations are not prepared to handle them.?

AI also exposes new risks in terms of AI models and dependent business operations. Manipulation of training data, such as data poisoning, which can lead to distorted results, outcome biases, and damaged business insights.?Prompt engineering can lead to unintended data disclosure.

What can organizations do??

Gen AI exposes organizations to a broader threat landscape, more sophisticated attackers, and also new points of attack. In this new world, organizations need to actively develop and customize defenses against gen AI attacks.??

As organizations introduce AI-driven tools, data needs to remain secure first and foremost. Information security policies, standards, and technical hygiene requirements are foundational to the security of AI solutions. These complement legal considerations of responsible AI and protections of intellectual property.?

Four key steps organizations can take now are:?

• Incorporate gen AI security in Governance, Risk, and Compliance (GRC) to establish a clear governance framework, policies, and processes.?

• Make sure security is “built in” to gen AI projects to enable business agility and scalability while confirming security controls are in place.?

• Maintain good data security controls (for example, encryption and key management, access management) to confirm your IP is protected and to prevent unauthorized access to sensitive information.?

• Establish employee training that outlines the rules and risks of leveraging generative AI; this includes establishing and communicating new policies that explain the risks associated with gen AI and suggested usage.?

On my wish list?

AI-assisted technology to counter AI-powered threats is still immature but evolving. Security product vendors are committing to and investing in AI-driven tools, but development is generally in the nascent stage.??

One use of AI I’d like to see is using AI to orchestrate the various tools organizations use. This capability would greatly help on the prevention front. It would help do more remediation faster and help alleviate the global shortage of security talent.?

Another use is of course some type of intelligent SIEM that doesn't rely as much on custom rules, but uses some AI smarts and patterns. Being able to see threats evolving and ultimately intervening in an automated way would be a huge leap in defense.??

As I covered in my previous article, AI and gen AI hold incredibly positive potential, but that potential needs to be pursued with defensive and responsible AI considerations as well.?

For more from Accenture on this topic, take a listen to a recent Accenture AI Leaders Podcast (episode 60) where I join Robert Boyce, Accenture global Cyber Resilience Lead, as we discuss AI’s potential to innovate cyber defense but also cover concerns about AI-generated attacks.?

See also an Accenture report, Redefining resilience: Cybersecurity in the generative AI era.?

I’d love to hear your thoughts and what you’d like to see. Let’s share what we know to secure what we must.?

?