The past decade has seen a massive adoption in machine learning (ML) and artificial intelligence (AI), and an increasing number of organizations have been leveraging such technologies to automate their operations to make their products and services better.
Despite the extensive use of ML and AI by organizations for some time now, many individual users only had their first interactions over the past few months, and mostly in the form of generative AI like ChatGPT, which has brought AI to the front of the public’s mind, fueling an intensive race for AI development.
As with any innovation, the use of AI is expected to have both positive and negative effects on global culture. It’s expected that few will benefit quite so handsomely as cybercrime, though. We live in a digitized age when cyber-attacks are becoming increasingly common, and AI can help streamline criminals’ operations, making them more efficient, sophisticated, and scalable while allowing them to evade detection and attribution.
According to Fady Younes, Cybersecurity Director, EMEA Service Providers and MEA, Cisco, “Today’s cyberattacks are more sophisticated and relentless than ever before, and they are using the latest technologies to gain grounds. To counter it, there is currently a tremendous amount of innovation in cybersecurity, driven by automation, AI, machine learning, proactive detection and remediation and prevention. That is the goal of security – prevent threats, but when you can’t prevent them, detect them immediately to respond, remediate, and record in real time or near-real time.”
A major area of impact of AI tools in cybercrime is the reduced need for human involvement in certain aspects of cybercriminal organizations, such as software development, scamming, extortions, etc., which in turn will decrease the need to recruit new members and lower operational costs due to a lower headcount.
AI presents another avenue for cybercriminals to exploit by utilizing it to analyze enormous amounts of information, including leaked data. This analysis empowers them to identify vulnerabilities or high-value targets, enabling more precise and effective attacks that could potentially yield greater financial gains.
Another area of criminal activity that can thrive with AI is the development of more sophisticated phishing and social engineering attacks. This includes the creation of remarkably realistic deepfakes, deceitful websites, disinformation campaigns, fraudulent social media profiles, and AI-powered scam bots.
On the other side, cybersecurity professionals, defenders, and law enforcement agencies can harness the power of AI to counteract the advancements made in cybercrime. They can utilize AI to develop innovative tools, tactics, and strategies in their fight against malicious activities.
Areas such as threat detection and prevention will be at the forefront of AI security research. Many existing security tools, heavily rely solely on malicious signatures and user input, which render them ineffective for detecting advanced attacks. Consequently, an increasing number of vendors are turning to machine learning (ML) and AI technologies to achieve more precise and effective threat detection. Prominent examples include Cisco Secure Endpoint and Cisco Umbrella utilizing advanced machine learning to detect and mitigate suspicious behavior in an automated manner on end hosts and networks respectively.
Cisco Talos, too has been leveraging AI for several years to automate threat intelligence operations such as the classification of similarly rendered web pages, identifying spoofing attempts through logo analysis, phishing email classification based on text analytics, and binary similarities analysis.
The rise of AI presents new challenges and great opportunities as its user base and applications continue to expand. The effective and targeted utilization of AI-related technologies will play a pivotal role for cybersecurity experts and law enforcement agencies in detecting, defending against, and attributing digital criminal behavior.
By harnessing the power of AI themselves, however, these entities can enhance their capabilities in combating evolving threats and ensuring the security of digital ecosystems. As the landscape of cybercrime evolves, embracing AI will be instrumental in staying ahead of adversaries.