In today’s digital age, artificial intelligence has continued to evolve and integrate into various business operations, assisting efficiency and productivity. While AI has many benefits, it also presents challenges, specifically regarding cybersecurity.
Recent studies shared by Vasu Jakkal, Microsoft's Corporate Vice President of Security, Compliance, Identity, and Management, have illuminated the dark side of AI and its role in defense and offense strategies.
Here are a few facts:
- 75% of security professionals said there has been a rise in cyber attacks over the past year.
- 85% of these attacks attribute the increase to bad actors using generative AI.
(CFO).
What is the dark side?
According to Jakkal, hackers are utilizing “large language models” to assist them more quickly with their hacking tactics. Essentially, the language models will help with productivity and sophistication.
In a recent study, Microsoft teamed up with OpenAI, founder of ChatGPT, to illuminate precisely how attackers are using AI. The insights are quite alarming.
Similar to how businesses use Artificial Intelligence to help optimize work processes and finish tasks more quickly, malicious actors are using it to assist with identifying vulnerabilities and even learning computing codes.
As we have seen over the course of AI's rise, it has practically been of great assistance in the cyber world. Jakkal stated that it has been used for “information gathering, translation, code analysis, and spear phishing campaigns”. It is also important to note that LLMs can be used to crack passwords and spread misinformation.
In this study, Jakkal also said the “battleground of security” lies in identity. For example, brute force attacks on users show the relentless efforts of cyber attackers to infiltrate organizations, where 4,000 brute force attacks occur per second using AI. Malicious actors heavily use identity-related information to access more information.
Jakaal ended his conversation by stating, “What makes us human is our vulnerability, our curiosity…Everything that makes us human makes us vulnerable to these phishing attacks, so we continue to see those quite prominent attacks” (Quartz).
This discovery underscores the urgency of addressing AI-related cyber threats and implementing robust defense mechanisms.
In fact, just recently, Microsoft was attacked by hackers who targeted their email systems, where data was stolen, and their systems were affected.
All businesses should be on the lookout for cyber attacks.
In addition to Vasu Jakkal's insights, it is imperative to recognize how AI is now quite prevalent in cyber attacks and is not limited to only large-scale organizations. Small and medium-sized businesses are equally vulnerable to AI-driven cyber threats, often because of the lack of resources and expertise to combat such complex attacks.
Organizations need continuous monitoring and adaptive security controls in order to combat these threats. By staying vigilant, proactive, and adaptive, organizations can mitigate the risks posed by AI-driven cyber threats and safeguard their digital assets and sensitive information.
If you want to ensure your business is prepared for AI attacks, please contact us.