2024 will be an even bigger year for Artificial Intelligence (AI), with more people harnessing its powerful potential, and the presence of stronger, more widespread possibilities. With this technology comes a plethora of both benefits and risks, the former utilized by cybersecurity teams and the latter exploited by cybercriminals in a stiff and innovative arms race. It is important for security leaders to be vigilant against new threats, as well as up to date on the abilities of AI and rising trends.
We identified key things to look out for in 2024 as it relates to AI:
AI-Enabled Cyberattacks And Sophisticated Phishing
AI has become a mainstay in the toolbelt of cybercriminals, particularly to aid in launching social-engineering attacks. This includes the creation of phishing messages with more effective messaging to trick victims. According to Forbes on Blackberry’s recent research, “top concerns for misuse of ChatGPT revolve around social engineering (creating highly convincing and difficult-to-detect phishing emails) and skilling up less experienced hackers to become more effective with their attacks.” Gone may be the days of being able to identify these malicious messages by grammatical mistakes or awkward phrasing, and with generative AI in the hands of cybercriminals, a greater volume of attacks can be created in less time, with a higher success rate than ever before. Direct financial loss from successful phishing attacks increased by 76% in 2022 according to Proofpoint’s 2023 State of the Phish Report.
Password Hacking And Deepfakes
AI technology is used by cybercriminals to improve their algorithms for password hacking, leading to faster and more accurate predicting. Because of the profitability of this endeavor, cybercriminals may concentrate a larger amount of their focus on password hacking. Other AI-enabled threats include deepfakes—content that has been digitally altered to mimic individuals, often high-profile leaders, politicians, and executives who have no shortage of audio and visual content to manipulate, to maliciously disseminate false information. AI’s ability to distort and transform this content is used in this way by cybercriminals often in addition to social engineering attacks and extortion.
Fortunately, not all recent AI trends are harmful. This technology has proven the potential to be a major asset in penetration testing. AI can be used intentionally to explore the defenses of software and networks. Through this process, organizations will be able to identify their weaknesses more efficiently, before hackers get the chance to find and exploit them.
AI as Resource for Protection
Even with the risks AI can pose, it is also important to realize the benefits of this technology. Harnessing these advantages is essential for combating new challenges in the cybersecurity landscape. AI can be extremely useful to security teams through its capability to analyze large amounts of incident-related information. This can help teams better understand the data and take action against the threat. AI is also useful in flagging suspicious activity, emails, and login attempts to prevent potential breaches. Additionally, threat monitoring by AI is a technology that cannot be matched. AI can detect attacks more effectively and accurately than humans, and AI produces fewer false-positive results. In utilizing these qualities, the time and energy of a security team can be conserved, and the detected attack can be addressed in a manner faster than ever before.
The Growth and Potential of AI Continues to Explode
AI is here to stay. And not only that, it has also become a priority for organizations to learn about and understand. According to Forbes, 76% of enterprises have prioritized AI and machine learning in their IT budgets, and Blackberry found that “the majority (82%) of IT decision-makers plan to invest in AI-driven cybersecurity in the next two years and almost half (48%) plan to invest before the end of 2023.” The market for this technology also continues to increase. Recent research estimated the global market for AI-based cybersecurity products was about $15 billion in 2021 and will surge to roughly $135 billion by 2030 (Morgan Stanley). When thinking of how far AI has come, it is only fair to believe the potential benefits and potential risks of this technology will continue to evolve. Moving forward, security leaders must dedicate themselves to being watchful against the ways AI can be weaponized, as well as being receptive to the potential of AI to improve their industry and offer answers to these new threats.
Sources: Forbes, “How AI Is Disrupting And Transforming The Cybersecurity Landscape” Morgan Stanley, “AI and Cybersecurity: A New Era” Core to Cloud, “How AI is Revolutionizing Cybersecurity: Trends and Implications” Blackberry, “ChatGPT May Already Be Used in Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research” CNET, “The Biggest AI Trends in Cybersecurity” CSO, “Emerging cyber threats in 2023 from AI to quantum to data poisoning” Proofpoint, “2023 State of the Phish Report”