Marcel Calef
AI has become the weapon of choice for cyber criminals for crafting new attacks through a variety of tactics and they’re very successful. An MIT Sloan and Safe Security research project found 80% of 2,800 ransomware attacks were powered by artificial intelligence. Malware, phishing, and deepfake-driven social engineering are popular schemes. A major difference is that AI based attacks move at lightning speed. AI-powered malware can dynamically rewrite code, making attacks harder to detect. It can analyze network behavior in real time, looking for vulnerability points to infiltrate. Fighting back against AI will require a defense that combines technology with the recognition that human behavior enables AI cyber-attacks just as humans enabled attacks in the pre-AI era. A business’s best defense is mobilization on three fronts: people, permission control, and technology.
The number one point of security failure is a person clicking on a site, page or application that houses a threat. The opportunities for this increase with the pace and volume at which AI can generate new threats and process these links, creating an urgent need for advanced defenses. Phishing scams through social engineering are a main source of attacks. The difference is that AI is far more sophisticated, sending an email, for example, which looks identical to a person’s account. If an employee is tired, and some of this fatigue is caused by performance issues at their desktop, they are more likely to click on this communication. If they are unsatisfied with their company’s response to previous concerns, they may delay reporting the issue or not report it all.
No comments:
Post a Comment