Tamara Franklin As artificial intelligence (AI) technology advances, its impact on cybersecurity becomes increasingly significant and complex. Industry experts are sounding the alarm about the role of AI in escalating cybercrimes worldwide.
“We worry about AI as an amplifier for all sorts of misconduct. Where it’s most dangerous is essentially taking junior varsity bad actors and bringing them to the varsity level. But in fairly short order, we’re going to see AI taking the varsity-level athletes and taking them to a whole ’nother level of dangerousness,” said FBI Director Christopher Wray in a fireside chat moderated by former U.S. Secretary of State Dr. Condoleezza Rice.
He continued, “You could use AI now to find vulnerabilities that can be exploited, AI to write code to exploit those vulnerabilities, AI to conduct more sophisticated spearphishing efforts…”
The list goes on.
In this article, we’ll cover:
- How AI is reshaping various cybercrime methods
- Common targets of AI-powered cybercrime
- Effective strategies for businesses to counter AI-powered cyber threats
Let’s dive in.
The rise of AI-powered cybercrime
The use of AI to commit cybercrimes represents a pivotal shift in the cybersecurity landscape. As Irina Bednova, CTO of Cordless, notes, the use of AI in cybercrime is not new, but its sophistication and scale have dramatically increased as AI technology advances.
“The interconnectedness of today’s digital systems makes them attractive targets for AI-enhanced attacks,” Bednova shares.
Sean Henry, Security Chief at CrowdStrike, believes the increasing use of AI in cybercrimes should be a major concern for everybody.
“AI has put this tremendously powerful tool in the hands of the average person, and it has made them incredibly more capable. The adversaries are using AI to overcome different cybersecurity capabilities and to gain access into corporate networks.”
But what makes AI-enabled cybercrime more dangerous than the cybercrime we’ve been experiencing for years? Let’s take a look.
Traditional cybercrime vs AI-powered cybercrime
AI-powered cyber attacks are more sophisticated and flexible. Because AI algorithms can learn, adapt, and evolve over time, these attacks are much more difficult to detect and counter.
Secondly, they operate with greater speed and scale. By leveraging automated systems to rapidly scan and exploit network vulnerabilities, cybercriminal operations are more effective and efficient.
Additionally, AI enables personalized and targeted attacks by analyzing extensive data, and tailoring phishing emails, malware, or social engineering tactics to specific targets.
We used to be able to spot a phishing email a mile away. The poor grammar and spelling are no longer an issue now that foreign attackers can simply input their message into a chatbot and get a perfectly crafted email back in seconds.
Let’s look at other reasons these AI-enhanced cybercrimes are more difficult to sniff out.
Why it’s harder to detect AI-powered cybercrime
AI-powered attacks can mimic legitimate user behavior, employ advanced encryption, and use deep learning to create super realistic deep fake content, evading traditional security measures.
Moreover, AI-driven attacks are incredibly resource-efficient. They reduce the need for human intervention and allow cybercriminals to conduct operations with minimal effort and cost.
These criminals also have a tactical advantage, thanks to AI’s predictive capabilities, which can anticipate security responses and counteract them.
Using AI makes it cheaper and faster to execute numerous simultaneous attacks aimed at exploiting multiple vulnerabilities. AI can also speed up post-exploitation activities such as lateral movement and reconnaissance.
Let’s dive deeper into some of the ways AI is empowering a new generation of cybercriminals.
Applications of AI in cybercrime
AI-powered cybercrime exploits advanced technology to conduct sophisticated and targeted attacks. By leveraging machine learning and data analysis, AI can automate and enhance various cybercrimes, including:
- Phishing: AI algorithms can generate personalized emails that mimic the communication style of your CEO, for example, asking you to send over some important information. The level of accuracy and detail significantly increases your chances of being deceived.
- Social engineering: According to a report from Palo Alto Networks, in 2023, 27 percent of cyberattacks included a harassment element. “Attackers are specifically going after security executives’ families, reaching out to them personally, finding any way that they can to socially engineer data out of them. And that’s going to continue,” warns Whitmore. Powered by AI, attackers now have more data at their fingertips that they can effortlessly use to trick us into giving up the goods.
- Advanced malware development: AI-powered malware can learn from its environment and avoid the security measures put in place to stop it.
- Network infiltration and exploitation: No system is airtight. But what once took hackers spending months to crack, AI can analyze and unlock at the snap of a finger. Attackers can automate the process of finding weak spots in systems, creating faster and more efficient breaches.
- Credential stuffing and brute force attacks: AI algorithms take credential stuffing attacks to an unprecedented scale, trying numerous combinations of usernames and passwords to gain unauthorized access at lightning speed.
- Data analysis for targeted attacks: AI can process large datasets to identify high-value targets, like businesses or individuals with access to sensitive information or financial resources.
- Deepfake technology: According to Henry, cybercriminals are also using AI for misinformation, including creating videos, audio, and text files that are “incredibly believable and that have people seeing something, believing that is true, when in fact it’s been manufactured, oftentimes by a foreign government.”
Each of these methods demonstrates the growing sophistication of AI in cybercrime, highlighting the need for equally advanced cybersecurity measures.
Targets of AI-powered cybercrime
“All businesses and individuals are potential targets, but enterprises and critical infrastructure are particularly attractive due to the potential for significant financial gain or disruption,” says Alex Adekola, CEO & Founder of Ready Adjuster.
“Banks, financial institutions, organizations, schools, and cities throughout the world are all being targeted, particularly by ransomware actors,” shares Palo Alto Networks Senior Vice President for Unit 42, Wendi Whitmore.
“Cybercriminals are becoming even more effective at their job. They do a great job of understanding what’s in an environment and which data they can steal. And we’re seeing data stolen and exfiltrated from environments and used for extortion,” Whitmore continues. “Every four hours, we’re seeing more organizations’ data posted.”
Due to the sensitive nature of the data they handle and the potential financial gains for cybercriminals, financial services, healthcare, and government agencies are the top targets.
The consequences of AI-powered cybercrime can be severe and wide-ranging. Some of the key consequences include:
- Financial losses
- Data breaches resulting in stolen personal data
- Reputation damage
- Financial instability for the company, its customers, and the economy
- Unauthorized access to patient records
- Violation of HIPAA regulations
- Disruptions in patient care
- Disrupting communication networks
- Compromising sensitive government data
- Potential chaos in critical functions such as law enforcement, defense, and emergency response
These consequences highlight the critical need for collaboration between government agencies, law enforcement, and cybersecurity experts to mitigate the risks associated with AI-powered cybercrime.
Using AI to combat cybercrime: A paradigm shift in cybersecurity
Like almost anything in life, AI can be used for good just as easily as it can be used for evil. For instance, IBM’s annual Cost of a Data Breach report found that the most effective strategy to reduce data breach costs and response times involves extensive use of AI and automation.
Specifically, AI can save an average of $176 million per data breach, significantly cutting costs from an average of $4.5 million. Furthermore, AI can reduce the time to identify and contain a breach by 108 days, marking a substantial impact.
According to IBM Distinguished Engineer Jeff Crume, “The efficacy of AI in cybersecurity primarily stems from its ability to analyze large datasets, identifying patterns that might otherwise go unnoticed. A pivotal tool in this process is machine learning, a subset of AI, particularly adept at spotting anomalies, outliers, and patterns — all critical in cybersecurity.”
“Also, emerging technologies like foundation models, large language models, and generative AI chatbots are gaining attention,” says Crume.
“These models excel at summarizing vast information, which is invaluable in incident and case summarization. They can detect trends and similarities in cases, enhancing the understanding of cybersecurity threats.”
AI can also automate the creation of incident response playbooks and hypothesize threat scenarios, bolstering threat-hunting capabilities.
Additionally, Crume states that AI in cybersecurity is steering us from a reactive to a more proactive approach.
“The integration of AI not only makes cybersecurity more cost-effective but also significantly enhances safety measures. This synergy between AI and cybersecurity is key to advancing towards more proactive solutions in the digital defense landscape.”
According to Adil Advani, Associate Product Owner at Securiti, a company specializing in AI and machine learning-based security solutions, “Businesses should be very concerned about AI-powered cybercrime threats. They must strengthen cybersecurity measures, implement advanced AI security solutions, provide employee training, and regularly update protocols to protect against these emerging risks.”
Alex Tray, a cybersecurity consultant at NAKIVO, recommends several efforts to combat AI cybercrime, including “the development of advanced AI and machine learning algorithms designed to detect and neutralize such threats more efficiently.”
Tray shares that “AI can be used to fight back by analyzing patterns of malicious activity, improving threat detection, and automating security responses. Also, backing up data is crucial for ensuring the safety and accessibility of important information in the event of data loss.”
Lilia Tovbin, CEO and founder of BigMailer.io recommends incorporating AI in endpoint security solutions to address AI-powered cybercrime.
“Traditional tools struggle to keep up with AI-driven attacks, but with AI onboard, organizations can better detect and prevent these threats,” shares Tovbin. “AI algorithms analyze endpoint data without delay and are good at identifying suspicious behaviors. This helps catch threats early and reduces the chances of successful cyber breaches.”
The outlook for AI-powered cybercrime
Looking ahead, Palo Alto Networks tells us that aside from AI’s potential for speed, they’re also concerned about its potential for patience.
“An AI could theoretically engage in a long, slow-burn operation aimed at eventually finding a way into an organization — perhaps over a time period that a human would be unlikely to sustain.”
There’s also the possibility that attackers could compromise generative AI tools and large language models themselves. This could lead to data leakage or perhaps poisoned results from impacted tools.
It’s clear that the fight against AI-powered cybercrime is ongoing and requires constant vigilance, innovation, and collaboration. Staying informed and proactive is key to maintaining cyber resilience in the face of these evolving digital threats.
Want more insights? Stay ahead in the rapidly evolving hosting industry by downloading our comprehensive 2024 State of the Hosting Industry Report.