From supercharged social engineering to AI-powered PCs, explore how AI is reshaping cybersecurity this year.

February 21, 2024


AI Can Impact Cybersecurity

Dr. Ian Pratt, global head of security at HP, explains how recent advancements in AI are becoming pivotal tools in threat detection, response, and exploitation. 

Recent AI advances provide cybersecurity defenders and malicious actors with new tools and capabilities. Cybercriminals have already started exploring how AI can intensify attacks and are targeting businesses with a new generation of rapid-fire threats. But AI can also be harnessed for good – with security teams using AI to bolster threat detection and make remediation more efficient. This could not come at a better time, with a reported four millionOpens a new window cybersecurity professionals needed globally.

This year, we expect AI and its impact to become prevalent in cybersecurity, leveling up phishing lures, identifying weak spots in defenses, and reducing the time to develop and respond to attacks. This year will also see cybersecurity teams prioritize AI – by preparing for the new wave of AI-driven threats and using this technology to their advantage.

Three ways AI is set to impact the cybersecurity landscape: 

1. AI will supercharge social engineering

Cybercriminals will capitalize on AI to supercharge social engineering attacks on an unseen scale, generating convincing and hard-to-spot phishing lures in seconds. These will likely be highly plausible, as cybercriminals automate personalized lures using data gathered from social media or compromised mailboxes. As a result, lures will be very difficult for employees to spot – even after phishing training. Attackers will also use AI to generate more lures in minority languages, which will come across as even more legitimate.

We will likely see mass AI-generated campaigns spike around key dates, too. For instance, 2024 stands to see the most people in history voteOpens a new window in the elections. Using AI, cybercriminals will be able to craft localized lures targeting specific regions with ease. Similarly, major annual events, such as end-of-year tax reporting, sporting events like the Paris Olympics and UEFA Euro 2024 tournament, and retail events like Black Friday and Singles’ Day, will also give cybercriminals hooks to trick users.  

With faked emails becoming indistinguishable from legitimate ones, businesses cannot rely on employee education alone. To protect against AI-powered social engineering attacks, organizations must create a virtual safety net for their users. Micro-virtualization creates disposable virtual machines isolated from the PC operating system, so they remain protected even if users unwittingly click on something they shouldn’t.    

See More: Cybersecurity and AI/ML, Before the New Age of AI: A Recap, and a Look Forward

2. LLMs bring both opportunities and challenges

Local Large Language Models (LLM) are set to be built into PCs this year, with ‘AI PCs’ revolutionizing how people interact with their endpoint devices. These LLMs will boost efficiency and productivity for users and bring several security and privacy benefits by leveraging AI independent of the internet. These personalized assistants and chatbots will reduce the security risks of personal data being sent and held in the cloud. However, with even more data collected by these local models, the endpoint will become a prime target for threat actors.

As organizations look to use LLM chatbots to boost convenience, security teams will have another system to defend. These chatbots could act as an entryway to previously unavailable data. By using targeted prompts to trick corporate chatbots and override controls, threat actors could socially engineer corporate LLMs to gain access to confidential data.

3. AI reduces barriers to harmful firmware and hardware attacks

Advances in cybersecurity technologies will make it harder for attackers to gain access to systems and evade detection. But with AI putting powerful technology in the hands of the many, sophisticated capabilities will become more accessible. This availability will enable attackers to innovate and continue to increase attacks against the firmware and hardware layer, where security teams have less day-to-day visibility. Historically, accessing the operating system (OS) required extensive technical knowledge. But AI will make attacks targeting lower levels of the technology stack more accessible.

We expect to see a rise in the number of advanced cyber-attacks that are harder to detect and more damaging. Cyber events will become more frequent as attackers use AI to find and exploit vulnerabilities and get a foothold below the OS. To defend against this, organizations must now invest more in hardware and firmware security.

A New Era for Cybersecurity

AI is set to have a huge impact on the threat landscape. Still, there is equal opportunity for security teams to harness AI to enhance threat detection and response and relieve pressure on security teams. AI copilots will also help defend users with automated scanning to identify targeted phishing lures that try to trick employees into making bank transfers or sharing sensitive data.  

The arrival of AI PCs in 2024 will bring huge security advantages, enabling users to leverage AI more securely on devices without the security risk of having data sent and held in the cloud. They will also bring a new layer of data privacy, such as automatically locking an unmanned device or initiating a privacy screen when a device is being watched.

To use AI securely to their advantage, organizations urgently need an integrated approach to security that shifts to protection over detection and deploys zero-trust principles. Partnering with Trusted AI security vendors will ensure customers maximize the benefits of AI while being protected from the new security and privacy threats.

What new AI protections has your organization adopted against cybersecurity risks? Let us know on FacebookOpens a new window , XOpens a new window , and LinkedInOpens a new window . We’d love to hear from you!

Image Source: Shutterstock

MORE ON AI IN CYBERSECURITY

Ian Pratt

Ian has spent his career spanning industry and academia, inventing new technology and bringing it to market. He was a tenured faculty member at the University of Cambridge, where he led the prestigious Systems Research Group for over 9 years. He has founded 3 successful technology companies, in areas of networking hardware, virtualization/cloud and cyber security. Nemesys Research build hardware to send broadcast quality audio video over data networks and was acquired by FORE Systems in 1997.

In 1999, Ian initiated and led the XenoServers research program, leading to the creation of the Xen hypervisor, and the first infrastructure as a service Cloud platform. Ian co-founded XenSource in 2003, to build enterprise– class virtualization products based on the Xen, and worked to build the open source community around Xen and oversee its adoption by Amazon, HP, Intel, IBM, Google, Sun and other vendors. XenSource was acquired by Citrix in 2007 for $500M, where he served as Vice President for Advanced Products and CTO.

Ian co-founded cyber security company, Bromium, in 2011. Bromium pioneered a novel approach to endpoint security built on virtualization that results in radically better efficacy than traditional approaches, resulting in over 65 patents. HP Inc acquired Bromium in 2019, where he leads the personal systems security business unit. Ian holds a PhD in Computer Science, is a Fellow of the Institute of Engineering and Technology, and a Fellow of the Royal Academy of Engineering from which he was awarded the Academy’s Silver Medal in 2009.

<!–

–>

<!–

–>