Donnie MacColl, Senior Director of Technical Support, Fortra
We live in a world where little can be taken at face value and consequences can be – complex.
Generative AI (GenAI) hasn’t made this any easier, nor has it simplified the threat landscape. In fact, it’s weaponised it further. On the flip side, however, it has weaponised cyber security as well, and as of now, it’s still being decided which side it will ultimately best support.
GenAI: How Bad Can It Be?
While not the Boogey Man so many have predicted, GenAI is certainly up there with this year’s “list of incredible threats”. It has already shown its prowess in a few key areas:
- Crafting malicious code: Ever heard of polymorphic malware? It’s malware that changes its code mid-exploit to avoid detection by signature-based detection tools. Thanks to GenAI, creating this type of malware on the fly is that much easier, , and much quicker to spin up. Once the purview of attackers that really “knew their stuff”, polymorphic malware (plus the power of AI) has become to even entry-level criminal actors.
- Scanning for exploits: Once GenAI starts scanning source code, it can spot vulnerabilities faster, better, and more often than we can. Armed with this force-multiplier, attackers make short work of the reconnaissance stage.
- Social engineering ploys: We’ve all seen the convincing deepfakes that prowl the internet – and now, our inboxes. AI-generated images, voices, and videos are contributing to the high number of successful business email compromise attacks, as we find ourselves at a loss to identify which sound bite is really from our boss – or worse, not noticing anything amiss in the first place.
Suffice to say, the threat trend here is “better, faster, and more accurately,” and it comes right at a time when we thought we already had our hands full. GenAI makes exploits sneakier, more accurate, more accessible, and less difficult to decipher. Unfamiliar as we are with “spotting the difference,” it’s understandable that so many of these AI-induced attacks are getting the better of us.
And they will continue to do so, unless we learn to fight fire with fire.
Cybersecurity: Harnessing AI for Good
If we are to win against an opponent that can overcome us with sheer numbers alone, we need to be able to fight back at scale. Luckily, AI technology is still (amazingly) public domain, and this knife cuts both ways.
Here are ways defenders are leveraging the power of GenAI to combat modern-day threats:
- Bridging the cyber talent gap | Far from giving your job to robots, this means getting to keep your job (and like it a little more). Now, analysts can do the job they were hired to do (analyse) while GenAI provides lower-level data gathering and analysis. “Show me the baseline for this asset” becomes the work of minutes, not months.
- Catching polymorphic malware | If GenAI can spin up polymorphic malware at obscene rates, it can also catch them at the same. AI-based detection and response tools (like EDR, NDR, XDR) don’t need signatures to catch a criminal; all they need is to identify the (bad) behaviour, and when you’re comparing petabytes of baseline behaviour to a few surprising anomalies, you spot trouble pretty fast.
- Doing more with your security stack | We all know “pentesting” is on the list, but not everyone has the resources or guidance to do it effectively today. Luckily, GenAI can, along with searching logs, patching vulnerabilities, and hunting threats. Now, you can finally pull out the old manual and do all the things you were trained to do – and at scale.
It’s clear that responsibly used AI is a boon. But how do we implement GenAI responsibly?
Handle With Care: Integrating AI Safely
When it comes to GenAI models, watch out for what you share (it could come out the other side), the quality of data it receives (it gets smarter as it goes), and using it without a human mediator. It’s smart, but still lacks human empathy and judgment; critical for making good business and security decisions.
If used well, GenAI is even more than it says it is. If used carelessly, it can easily do more harm than good – and it can do it “better, faster, and more accurately.”
