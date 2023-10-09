The increasingly powerful artificial intelligence (AI) tools that are appearing these days are transforming various industries and, consequently, the lives of many people. It is no secret that algorithms already play a fundamental role in the automotive, e-commerce, human resources, education and cybersecurity, to name just a few examples.

The scope of this phenomenon, as we can see, is enormous. And this creates a lot of challenges because AI is being used for both legal and illicit purposes. Just as students have started using ChatGPT to do homework (and more and more teachers are responding with the same tool), cybercriminals are turning to AI to improve their attacks.

The evolution of AI and cybersecurity problems

Microsoft is clear that the development of AI comes accompanied by new challenges for the computer security field. Speaking to The Wall Street Journal, the Redmond company’s security and trust leader, Tom Burt, has acknowledged that attackers, both individual and state-sponsored, have managed to improve their intrusion techniques thanks to AI.

Ransomware attacks doubled between November 2022 and June 2023, according to Microsoft researchers. To reach this conclusion, they explain, they did an analysis based on 123 million devices and tracked more than 300 groups of cybercriminals. Let’s dig a little deeper to find out what’s going on.

Just as ChatGPT or GitHub Copilot improve the productivity of programmers and companies, these tools may also be used by cybercriminals. Specifically, for improve the code of their malicious programs (malware) and even to improve the messages that accompany phishing attacks. A really dangerous combination for cybersecurity.

When we talk about phishing, remember, we are referring to a technique that aims to make victims “sting.” This is achieved thanks to the sending of fraudulent messages that usually impersonate people or companies we trust, for example, the case of identity theft from Correos in Spain, something that has led the organization to take action.

From our position, that of the users, we will have to be prepared to see increasingly sophisticated emails arriving in our inbox whose appearance may imitate almost perfectly an authentic one from our bank, courier companies, social networks, etc. Not only in the language used to convince us, but also in the brand image.

AI, according to the company behind Windows, can also revitalize the economy of cybercriminal groups. In the world there are certain malicious actors who sell their services. We have seen it in both phishing and ransomware attacks. The algorithms would be promoting a new offer of illegal services for those individuals interested in using them.

In the world of ransomware, as we mentioned above, attacks increased considerably. Additionally, the attack mechanics have been improved to avoid leaving traces and hinder any recovery attempt by cybersecurity teams. The data, instead of being encrypted in the victim’s local environment, is now encrypted remotely.

The cybersecurity industry, for its part, has been using this technology for years to improve threat detection, system behavior analysis, and intrusion prevention. However, in the world we live in, they cannot take a break and must continue to evolve alongside the threats that appear on the horizon.

Images: Tima Miroshnichenko | Pixabay

