How the Bad Guys Use AI
Bad actors have harnessed AI’s power to develop and use new, more capable, and compelling threats, including zero-day threats. With AI, attacks can be more targeted and launched faster than ever before. In the hands of bad actors, AI is having multiple effects:
- AI technologies, such as generative pretrained transformers (GPT) or generative AI (GenAI) are lowering the barriers to entry for new bad actors. Today using this technology, a non-English speaker anywhere in the world can create compelling email phishing and social engineering attacks with native-English syntax.
- AI can be used to create new malicious code and greatly reduce, while simplifying, efforts to develop new malware.
- The use of deepfake technology by bad actors has already inflamed the political class and electorate and has made it feasible to commit large-scale cybercrime.
- AI could be used to detect and exploit application vulnerabilities more quickly, which opens the door to increased supply chain risk for organizations around the globe.
- AI can be used to create adaptive variants of malware and launch swarm and coordinated multi-vector attacks.
Today, malicious AI tactics cover the entire attack life cycle outlined in the MITRE ATT&CK framework. MITRE has developed a knowledge base called ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) detailing AI-based adversary tactics and techniques.2
Challenges Amplified
The challenges posed by the modern and ever-evolving threat landscape are exacerbated by the use of AI by bad actors, putting added pressure on already taxed IT and security teams. Securing the expanding network environment and attack surface from these new threats is more complicated than ever with challenges related to:
- Siloed visibility across their environments
- A lack of centralized and coordinated policy application and enforcement
- The use of many disparate security tools and consoles that make monitoring, alert triage, and incident investigation and response extremely time-consuming
- Ongoing difficulties in hiring and maintaining security expertise
Effectively dealing with AI will require organizations to reduce complexity and friction and streamline operations.