Artificial intelligence (AI) and machine learning have become key tools in the cat-and-mouse game of cybersecurity and cyberattacks, according to a report from cybersecurity firm ReliaQuest.
ReliaQuest’s annual threat report explains that bad actors use AI to “boost” social engineering, which it says is the primary exploit against organizations.
Phishing is used in 71% of attacks. AI is a key tool in creating these attacks. A new variation is QR code phishing, which ReliaQuest says has increased 51% in 2023 compared to the last eight months of 2022. AI and machine learning are also being used in “drive-by attacks” that require no action from victims and fake automatic updates. web browsers.
This was an organized push, according to the report. There is evidence that participants on major cybercriminal forums are now discussing AI as a tool for developing alternative chatbots such as FraudGPT and WormGPT and “alluding to the development of simple malware and distributed denial of service requests (DDoS) using these options,” said a press release about the results.
AI can create powerful tools because it can replicate voices using a sample and fake video calls, the report notes. Automation is another opportunity for AI and machine learning to help bad actors. The report cites the Citrix Bleed operation as an example of this approach.
However, the security forces are not powerless. AI can also be used to combat AI-based cyberattacks.
A survey of ReliaQuest customers found that those using AI-powered automated workflows were able to significantly reduce threat resolution time. Customers who did not use AI-based automated workflows took an average of 2.3 days to respond to threats, but for customers who used some level of AI and automation, the average was 58 minutes. And for customers who “fully leveraged” AI and automation, the average was seven minutes.
“As the threat continues to evolve, defenders must remain agile, using AI and automation to keep pace with the latest attack techniques,” said Michael McPherson, senior vice president of technical operations at ReliaQuest, in a press release. Press release. “Time is the enemy of cybersecurity.
“To proactively protect against these risks, businesses must maximize visibility across their networks and beyond the endpoint, take full advantage of AI and automation to better understand and use their own data, and equip their teams with the latest threat intelligence. »
Last year, the security company found that financial theft was the target of 88% of attacks and that extortion activity increased by 74%.
Broadband providers realize the role AI can play in cybersecurity. For example, Comcast acquired an AI cybersecurity company to strengthen capabilities in this area.
