The disruptive power of AI in cyber security. Is it a friend or foe?
Artificial Intelligence (AI) is disrupting the cyber security landscape. Providing advances for cyber defence, but also providing advances for cyber-attackers. AI is walking a fine line between being a friend or a foe for business cyber security.
What is AI?
AI is the acronym for Artificial Intelligence. AI is the simulation of intelligence that you would associate uniquely as a human capability, recreated within technology. IBM define it as “technology that enables computers and machines to simulate human intelligence and problem-solving capabilities.”
No matter what your opinion is on this technological advancement, it is a tool which is being used and will continue to be used. It is changing the business landscape in many ways.
Top AI benefit to businesses, according to Bing
If you ask Bing what the main use of AI is in business today it will tell you that it is for improving customer service.
Chatbots are the obvious way in which AI is being used to improve customer service. It is a form of AI you are most likely familiar with and will encounter regularly when reaching out to companies or browsing the web.
Whether you view this advancement and interaction positively or negatively as a consumer is a topic for another time. For businesses, Chatbots provide advantages in efficiency, cost and analytics. In the cyber security landscape AI is being used because it brings similar benefits.
Benefits to cyber security
Forging defence systems which are more robust and responsive at the sign of attack is at the forefront of many current developments in cyber security. Traditionally cyber-security responses to hackers have been more responsive due to the scope of data being surveyed and the capacity of professionals trained in the field of cyber security.
With the advent of AI and the huge leaps forward it has taken in the last few years, the technology is now at a point where the intelligence can be used to interpret data and algorithms on a greater scale than the current human workforce. Cyber security has two significant challenges which AI technology is providing solutions for:
- A skills shortage in cyber security professionals exists in the UK with 50% of businesses reporting a cyber security skills gap. A further 33% businesses also have an advanced cyber security skills gap.
- The scope of data which needs to be scanned and is spread out across an infrastructure which was not designed with cyber criminals in mind. The task is therefore enormous.
Provides capability
The amounts of data created from the use of complex infrastructure results in vast data piles which needs to be scanned for threats to prevent criminal incursions. Traversing the maze of infrastructure is leaving blind spots which are being exploited.
In the past, defence can be described as reactive to an attack. It’s like being one step behind. AI provides the capability to be proactive. It provides the capability to spot unusual activity by a user once it is trained in what to look for.
Cyber security defences need to respond quickly and not reactively to be more effective.
Makes defence more effective
AI brings the following capabilities to defence systems:
- Speed
- Precision
- An ability to sift through more data than a human can
- Continuous scanning
- It can learn what patterns to look for in data and spot unusual data patterns.
Speed and precision are key to being effective in defending against cyber-crime and AI provides that capability for defence systems. The unending ability of the machine once it has learned to detect unusual data patterns means that defences are actively checking for breaches constantly.
Detects Patterns
Being able to highlight the unusual data patterns and then flag them, allows the humans assessing data to be more effective in their roles too. They are checking data which is identified as being unusual which means that hackers on a system are more likely to be identified earlier. This will prevent more attacks from escalating and impacting business operations.
It must be said that things will still slip through, but the use of AI in this field has a positive wider reaching impact. Businesses will have more robust security systems and fewer holes which can be exploited. The use of AI is not however all positive for businesses. AI has not only changed the defence landscape; it has also changed the attack landscape.
Changes to the attack landscape
AI has armed cyber criminals with a whole new arsenal of tools which are more efficient, more believable, and readily created and replicated. So while defences have strengthened, attacks have improved. The main reason for this is the exploitation of generative AI by cyber criminals, a tool which many businesses are also taking advantage of.
What is Generative AI?
Generative AI is when artificial intelligence is used to create content. The artificial intelligence follows parameters provided by a user to create content. Content can be pictures, words, music, songs.
Generative AI is creating media in personal and professional life, but it is not only being used for lawful purposes. Cyber criminals are utilising this tool, and it is the success and scope of their cyber-attacks that is creating the challenge to cyber security.
Challenges to cyber security
Cyber-attacks are increasing. In 2024, it is currently expected that the cost of cyber-attacks will reach a total of $9.5 trillion globally. This is a cost which is only expected to rise as attacks become more sophisticated and convincing. Generative AI is arguably the tool which is going to give cyber-criminals that extra convincing edge.
The 2024 cyber security breaches survey conducted by the government shows that 50% of businesses have experienced a cyber-attack in the last year. Of that 50% of businesses attacked, a huge 84% of breaches were done using phishing.
Phishing
Phishing is a type of email cyber-attack which appeals to human emotions. Phishing attacks use deception, combined with an emotive appeal to human emotion to hook the user and get them to act with urgency. Attackers use this method to gain access to your data.
The ease of availability in generative AI tools, such as ChatGpt and Copilot, give the phishing technique a boost. Instead of having to perform hours of research and craft a compelling email, cyber criminals can simply get the bot to craft the email for them.
By feeding in parameters for the content the bot generates convincing content. This means that the criminals have become more efficient and are now capable of sending larger numbers of speculative phishing emails than ever before. This will in theory give them a higher success rate as their scope is increased.
Using the same tools as businesses
Just as criminals have found generative AI capable of compiling compelling content, so to have UK businesses. UK government data shows that of the businesses choosing to incorporate AI into their operating structure, 5% use it for computer vision and image and processing.
As a business it is easy to forget that your compelling AI campaign created for value on free software is also available to a criminal. A criminal who can utilise the software to create equally compelling content that will drive you to act.
The evolution of cyber crime
On 24th January 2024, a report was published by the NCSC which addressed the growing concern of AI as a tool for cyber criminals. In the report, NCSC CEO Lindy Cameron said:
“The emergent use of AI in cyber attacks is evolutionary not revolutionary, meaning that it enhances existing threats like ransomware but does not transform the risk landscape in the near term.”
The use of AI in cyber crime is being seen as an evolution due to the scope of technology available to us. It is not technology that has been created to revolutionise crime, but rather technology is a tool which has evolved with time. Just as this technology is now enhancing the capabilities of businesses, it is enhancing the capabilities of criminals to commit cyber attacks.
AI enhances other forms of cyber-attack
Deepfake email communication which is being enhanced by the use of AI is not the only type of cyber-attack AI is being used for. Other cyber attacks being given a boost with AI include:
· Malware
· Deepfakes
· Ransomware attacks
Malware
A type of intrusive attack where malicious software invades a computer system to steal, damage or destroy data. Hackers are using generative AI to create software which is more advanced and that can bypass firewalls more readily. Generative AI is giving cyber-criminals the capability to evolve their attacks at speed. Malware is being generated that is able to circumvent and exploit holes in security more readily, giving the cyber criminals the capability to be more successful.
Deepfakes
The use of deepfakes links to cyber attacks which use social engineering to dupe users into opening harmful emails. Generative AI can create voice content for phone calls, text messages and visual messages. This content is often manipulated to seem as though it is from company executives, which means employees can be easily conned into breaking business protocols. An article by The Guardian on 10 May 2024 reports the dangers of convincing deepfakes and provides a current case study for us to look at.
Case Study – WPP
Mark Reed, CEO of WPP, the largest global advertising and public relations agency fell prey to a deepfake. Creating a convincing WhatsApp account in Mr Reeds name, the criminals even used an image in the public domain, they successful conned their way in. Using this account to secure a meeting with a senior WPP executive they used YouTube footage and deployed a voice clone during their meeting to convince the manager to fall for their con.
The con was unsuccessful, but the report highlights the extent deepfake content is being used and just how convincing the content can be. Deepfakes can be incredibly difficult to identify, and the use of AI is increasing this difficulty.
Ransomware Attacks
This form of cyber attack encrypts your data on your device and prevents you from accessing it unless you pay a ransom. Ransomware attacks enhanced by AI mean attackers can now modify their tactics in real time. The malware code they use can be modified to avoid detection from firewalls already in place.
Attacks therefore become more efficient and effective. They can scale to then attack a larger number of businesses in the same time frame as before, therefore increasing the likelihood of a successful attack on a business.
A significant threat to business
The threat of AI within the field of ransomware lead to the compilation of a paper by the NCSC warning that the global ransomware threat was expected to rise with AI.
When providing guidance for businesses in the report, Ms Cameron said:
“As the NCSC does all it can to ensure AI systems are secure-by-design, we urge organisations and individuals to follow our ransomware and cyber security hygiene advice to strengthen their defences and boost their resilience to cyber attacks.”
How can businesses defend themselves?
The best way for businesses to defend themselves is to practice good cyber hygiene. Boosting resilience in your business’s defences is achieved through the active and continued implementation of a defence policy and system. You can do this by:
- Staying up-to date with advances and updates to systems.
- Keeping infrastructure compliant and secure.
- Proactively using practices which actively defend against attacks.
- Employing continuous training and policies to help keep your team informed and up to date.
Conclusion
The question of whether AI is a friend or a foe in the dynamic world of cyber security is yet to be answered.
The answer to the question as to whether AI is a friend or foe to business security? That depends on how AI is adopted in your business, and how you defend against the threats this evolving technology brings.
By building robust policies which are maintained and implemented across all sectors of your business and by keeping your systems up to date you can set the boundaries of your business relationship with AI. Building on this by following the highest standards of cyber security hygiene will give your business relationship with AI the best chance to succeed.
Cirrus can help your business keep systems up to date
Does the thought of keeping your system up to date feel stressful? With our excellent reputation for service we are here to support your business. Click below to see how we can take the stress out of managing your services.
Click Here