Sten Feldman, Head of Software Development at CybExer Technologies, explores the evolving impact of the AI boom on cybersecurity.

According to the European Union Agency for Cybersecurity’s (ENISA) recently updated Foresight Cybersecurity Threats report, AI will continue redefining cybersecurity until 2030.

Although AI has already significantly reshaped the cyber threat landscape, particularly with the widespread use of GenAI, it is likely to increase the volume and heighten the impact of cyber-attacks by 2025. This is a clear indication that the use cases we’ve seen so far are just the beginning. The true challenge lies in the untapped potential of AI, and the long-term risks it poses. 

The direction AI leads in cyber threat landscape

The increased use of AI has led to a surge in more sophisticated cyber-attacks, from data poisoning to deep fakes. Among these, phishing campaigns and deep fakes stand out as the two main avenues where AI tools are effectively employed to orchestrate highly targeted, near-perfect cyber-attack campaigns.

Gen AI-driven deep fake technology in particular has become a standard tool for threat actors, enabling them to impersonate C-level executives and manipulate others into taking specific actions. While impersonation is not a new tactic, AI tools allow threat actors to craft sophisticated and targeted attacks at speed and scale.

For example, large language models (LLMs) enable threat actors to generate human-like texts that appear genuine and coherent, eliminating grammar as a red flag for such attacks. Beyond this, LLMs take it a step further by hyper-personalising attacks to exploit specific characteristics and routines of particular targets or create individualised attacks for each recipient in larger groups.

However, AI’s impact is not only on the sophistication of attacks but also on the alarming increase in the number of threat actors. The user-friendly nature of Gen AI technology, along with publicly available and easily accessible tools, is lowering the barrier of entry to novice cybercriminals. This means that even less skilled attackers can exploit AI to release sensitive information and run malicious code for financial gain.

AI also plays an essential role in the increasing speed of cyber-attacks. Trained AI models and automated systems can analyse and exfiltrate data faster and more efficiently and perform intelligent actions. Creating ten million personalised emails takes a matter of seconds with these tools. They can quickly scan an organisational network, try several alternative paths in split seconds to find a network vulnerability to attack. Once this happens, they automatically attempt to get a foothold into systems.

Utilising AI in blue teams

Although threat actors will continue to use AI to evolve their tactics and increase the risks and threats, AI is also widely used to arm organisations against these cyber threats and prepare against dynamic attacks.

Consider this in terms of red and blue teams for organisational defence. The red team, armed with AI tools, can launch more effective attacks. However, the same tools are equally available to the blue team. This raises the question of how blue teams can also effectively deploy AI to safeguard organisations and systems.

There are many ways for organisations to utilise AI tools to strengthen their cyber defence. These tools can analyse vast amounts of data in real time, identify potential threats, and mitigate risks more efficiently than traditional methods. AI can also be used in model training, replicating the most advanced AI applications and simulating specific scenarios.

Incorporation of AI into cyber exercises to create attack environments allows organisations to detect weak and vulnerable spots that the most advanced AI application could exploit, and also use AI tools to solve real-world cases.

This means organisations can have a deeper, more comprehensive insight into cybersecurity preparedness and how to arm systems against potential AI powered attacks. It is critical to keep training and exercises up to date with the latest threats and technologies to prepare organisations for AI-powered threats.

The best defense…

However, cybersecurity teams cannot adress the risks posed by AI solely from a defensive perspective. The biggest challenge here is speed and planning for the next big AI-powered attack potential. Organisations should work with the utmost dedication and stay ahead of cyber security trends to create proactive defence strategies.

External security operations center (SOC) services and working with specialised consultants is essential for organisations to be able to move as fast as threat actors and aim to be a step ahead – this is the only way to provide a sense of security in the face of ever-evolving AI threats.

AI as a threat to the whole organisation

AI integration in organisations’ systems is also not without risks. While AI is reshaping the cyber landscape in the hands of threat actors, enterprises are also facing accidental insider threats. AI systems integrations are leading companies to new vulnerabilities, which are well-known internal AI threats in cybersecurity.

Employees using Gen AI tools are accessing more organisational data than ever before. Even in the hands of the most well-intended employees, if they are not cyber-trained, AI tools could lead to unintentional leaks or misplaced access to restricted, sensitive data.

As in every cyber-attack scenario, tackling AI-powered threats is not possible without creating an organisation-wide cyber awareness and resilience culture. Training all employees on using AI tools and the potential risks they pose to an organisation’s systems and integrating AI into daily security operations are the first steps for creating a culture of cyber resilience against AI-powered attacks.

Developing organisational cyber awareness from every responsibility level is critical to avoiding emerging vulnerabilities and evolving AI threats. It not only helps mitigate the risks of employees accidentally misusing AI tools, but also helps build strong organisational cyber awareness and the proactive development of robust security measures.

  • Cybersecurity

Related Stories

We believe in a personal approach

By working closely with our customers at every step of the way we ensure that we capture the dedication, enthusiasm and passion which has driven change within their organisations and inspire others with motivational real-life stories.