Chances are, your company is underestimating the security risks that AI presents. Not just the AI tools your organization is using (although that’s a reality), but the new capabilities that AI technologies provide to bad actors. Your company is more susceptible than ever to a massive, public data breach, because modern cyberattacks are commonly powered by AI.
Today’s security challenge for organizations is their own lack of imagination. They find it difficult to imagine how AI technologies (including the ones they use could be turned against them — and the myriad vulnerability channels those attacks can come from.
With the advent of AI, there are multiple new capabilities that cyber attackers can now leverage. Old hacking tactics are more effective than ever, and entirely new attack approaches have opened up as well.
AI attacks have leveled up their social engineering sophistication as well as their technical capabilities. Here’s how generative AI is powering the next evolution of cyber attacks against your company.
AI Social Engineering and Human Risk
The Death of the Obvious Phishing Email
Back in the day, you could tell fairly easily when you received a phishing email from a bad actor from a foreign country, because it read like a foreign speaker had written it. Anyone who took the time to examine those emails could tell they were suspicious. But that’s changing.
Today, generative AI cleans up bad grammar and misspelled words, and even polishes the messaging to sound more natural. Thanks to AI technology, a phishing email can be impossible to identify based on the writing quality alone. This means it will be all the more difficult for your employees to detect these attacks, especially if their only filter is detecting bad grammar and misspellings.
No AI Policy? Your Company Is Flirting with Disaster
Hyper-Personalized Social Engineering
Bad actors now have systems that can do much deeper research than ever before. Thanks to the power of AI, even the lowliest of hackers can gather a wealth of information about your organization and the personnel within your business. Those AI tools can then coalesce that information and create fleshed-out profiles of specific employees and executives at your company for targeting.
For example, bad actors can easily scrape your social media posts and other online information about you to discover where you live, how many children you have (and their names and ages), your hobbies and groups you belong to, weekend activities, the church you attend, political affiliations, medical conditions you’re dealing with, and so much more.
AI can then connect disparate dots, gather more information about you from the people you’re connected to online, and make predictive inferences about your private life that you haven’t directly shared online. With that information, bad actors are equipped to hyper-personalize their attacks, using cues or details that you would resonate with.
An attacker can assume the persona of someone you know — your dentist, your child’s school, or a coworker — and craft a highly personalized message that gets you to trust the sender and respond with sensitive personal (or corporate) information.
Featured Case study
Assessment Firm Breezes Through Client Engagements
Learn how TCT helped Online Business Systems (OBS) reduce hundreds of man-hours and solve their biggest challenges on client engagements.
Deepfakes, Voice Cloning, and Synthetic Identities
Deep fakes and voice cloning are becoming standard tools for attackers. Bad actors can use AI tools to analyze video or audio clips and accurately reproduce the voice — while putting words in the victim’s mouth. So if you or your executive leaders have been on a podcast, or have posted videos on social media, or have been recorded giving a talk at a conference, those clips can be used against your company.
Attackers can program AI to say anything, replicating any voice, and then call someone in your company posing as your CEO. They concoct an urgent situation and request money or information immediately, relying on panic and authority to get their target to act without thinking. Attackers can also use voice attacks to get past voice validation security measures.
Voice and image cloning makes it dramatically more difficult to spot a cyberattack — which emphasizes the importance of thorough security training for every single person within your organization.
One of the challenges in the past was the fact that an attacker was trying to generate an online profile that looked legitimate. At one time, fake accounts had very little information, and the details often wouldn’t hold up under the lightest of scrutiny. But with the advent of AI, an attacker can generate realistic digital identities, where they tie in an ID, bills, selfies, and more. Thanks to AI tools, the fake account looks legitimate in every way, fully fleshed out as if the persona were a living person with a real life. When you do a security sanity check and see if the person is real or not, they appear to be completely legitimate.
Technical Threats and Infrastructure Vulnerabilities
Automated Malware and the Accelerated Zero-Day Race
In the past, bad actors would generate malware that anti-malware providers could analyze and defend against. This was done by creating a signature of the malware that the anti-malware software would recognize and respond to. Attackers would then have to manually track their diminishing returns over time and manually change the malware to bypass the signature defenses. This cycle would continue, using manual methods, and would be labor intensive for the bad actors.
Now, using AI, malware attacks are completely automated. The AI program monitors diminishing returns and automatically makes adjustments on the fly. In fact, it can create hundreds or thousands of adjustments in an instant. This capability puts anti-malware tools at a disadvantage as they continually seek to keep up with constantly changing malware signatures.
What to Do If You Have a Ransomware Attack
With AI-assisted vulnerability discovery, the attacker needs much less information for an effective data breach. And it will start happening a lot faster. As a result, organizations will start taking their cybersecurity vulnerability monitoring much more seriously. Expect attackers to use AI agents to quickly identify new zero-day vulnerabilities. Whereas it used to be possible for white hat hackers to find those vulnerabilities and close them before the bad actors, AI will make that much more difficult to do.
Corrupting the Software Development Life Cycle (SDLC)
As companies increasingly lean on AI to generate code, attackers will attempt to integrate flaws into the AI-generated code, creating backdoor entry points for future data breaches. In turn, organizations will need to be more thorough and detailed in their reviews, vetting and validation of AI code.
AI engines use machine learning to incorporate how they respond to queries and perform other functions. That learning is done with some sort of training data. Bad actors will steer that learning to accept the integration of flaws into the code that the AI system generates, which is leveraged by organizations who unwittingly place code flaws into their production systems.
Expanding the Attack Surface: Indirect Channels
It isn’t just your company’s internal system that you need to shield from attackers. Your organization has human beings who are active on LinkedIn and other social networks. So, for everyone who has a LinkedIn connection to the company, bad actors have an indirect channel into the organization. Attackers have a vast surface area to go after, and many organizations haven’t addressed it.
Likewise, any time information is published about a relationship you have with another company (such as a press release), that information becomes a path for indirect attacks through that relationship.
The AI Security Arms Race
The good news is that AI technologies are also being used to defend against these modern cybersecurity threats, but they’re only useful if you’re staying at the forefront of the threat landscape. It isn’t hard to anticipate the arms race these AI developments create as each side continually mounts countermeasures against the other. In the short time since AI tools became commercially available, the capabilities have evolved at a quantum level — and the pace of innovation is speeding up.
We’ll be seeing huge jumps in financial-based attacks, leveraging automation and social engineering — and most companies aren’t ready for it. I continually see organizations underestimating the existing capabilities of AI in the hands of bad actors — capabilities that pale in comparison to what’s coming.
What Will Happen If Your Company Suffers a Data Breach?
Protecting Your Business from AI-Powered Attacks
I’m seeing a lot of organizations that see the security and compliance arena as an expense, but there’s not much that will be more expensive than suffering a data breach. That’s a multi-million dollar cost, even for small companies.
What is most concerning right now is when organizations deliberately opt not to invest in their enterprise security and compliance posture.
The bottom line is that your company needs to take the AI advancements in cyberattacks seriously. You can’t ignore them or wish them away — even if you’re a small business. Investing in cybersecurity and compliance keeps your company alive, pure and simple. And with today’s hyper-advancing AI capabilities, the reality is more stark than ever.
Get industry insider expertise delivered to your inbox
Subscribe to the TCT blog
