Matt Frye, Head of Presales & Education at Hornetsecurity, explores how to leverage AI for offence and defence in cybersecurity.
The rise of generative AI has been meteoric. Rapid innovative advancements and the launch of technologies such as ChatGPT have quickly showcased the transformative impact AI holds for both professional and personal tasks.
However, recent research from the National Cyber Security Centre (NCSC) warns that generative AI tools allow amateur cybercriminals to launch sophisticated phishing attacks – which will increase the difficulty for users to identify phishing messages.
How AI has transformed the cybersecurity threat landscape
The current cybersecurity threat landscape for businesses is complex and ever-changing. There has been an increase in sophisticated ransomware attacks, advanced persistent threats (prolonged attacks), and social engineering tactics such as spear phishing. Recent research from Hornetsecurity revealed that phishing is the top email threat – accounting for 43.3% of attacks. However, other attack methods such as malicious URLs now account for 30.5% of all cyber-attacks.
The progression of malicious versions of widely-used large language models (LLMs) such as DarkBERT and WormGPT suggest a future where less experienced threat actors can automate sophisticated cyber-attacks. These developments have caused widespread concern that AI is amplifying and accelerating cyber threats, as they are enabling faster and more targeted exploitations.
However, AI can also be used as a force for good in cybersecurity. Cybersecurity providers have long been using AI and machine learning to develop protection services focused on robust, next-gen protection as well as the automation of employee education to increase their awareness of the potential look and feel of cyber-attacks. These services also include proactive threat detection, pattern recognition, and behavioural analysis to identify cyber-attacks with increased accuracy and speed.
The importance of cybersecurity hygiene
The importance of cybersecurity hygiene cannot be overstated; it serves as the first line of defence against cyber threats. In 2023 alone, over 1.4k cyber-attacks were recorded in the UK. This included the devastating ransomware attack on the British Library, which could cost as much as £7 million to fully restore.
Crucially, almost every type of business is at risk of attack. If an organisation can pay a ransom, it can become a target for cyber criminals. For example, the research industry is often targeted due to the intellectual property it handles. Entertainment companies such as MGM and Caesars Casinos are often targeted because they operate in a lucrative industry and the manufacturing sector is often seen as an easy target for cyber attackers because of their tendency to use many IoT devices like Programmable Logic Controllers (PLCs) that can leave them vulnerable if not properly secured.
To create a resilient and secure digital environment, businesses must take cybersecurity seriously, with regular software updates, strong password management, and ongoing user education. Empowering employees with the knowledge and skills to recognise potential cyber threats through effective security awareness training is crucial to build a sustainable security culture.
The race between bad actors and cybersecurity specialists
In the evolving landscape of cybersecurity, a race has emerged between malicious actors and cybersecurity specialists who are both harnessing the power of AI for different reasons. Cybercriminals, armed with sophisticated AI tools, aim to target organisations at an unprecedented pace by automating attacks and adapting new strategies to bypass traditional defences. On the flip side, cybersecurity specialists are using AI to enhance threat detection, response, and mitigation.
This highlights the need for organisations to be proactive and adaptive in their approach to cybersecurity to protect their data and their employees and stay one step ahead of evolving threats.
