AI is in the spotlight as ChatGPT grabs headlines

The AI chatbot, ChatGPT, recorded an astonishing 100 million monthly active users within just two months of its launch, making it the fastest-growing consumer application in history. According to Similar Web, about 13 million unique visitors used ChatGPT daily in January, and UBS investment bank stated in a research note that its growth is outpacing that of TikTok and Instagram.

While ChatGPT’s use in marketing copy creation or homework assistance has raised some eyebrows, there are serious concerns (especially in the security community) about its ability to create programs with plain English instructions or optimize software programs based on user-defined objectives.

Impact of AI on Accelerating Adversarial Attacks

• Phishing Emails and Social Engineering: Phishing scams are the most common type of malware today, and ChatGPT and OpenAI’s Codex can be used to create phishing emails with malicious payloads. AI can improve the congruency and legitimacy of phishing emails, making them more effective. It can also be used to launch sophisticated social engineering attacks, appearing to write in convincing American English.
• Smarter Malware by Non-Technical Attackers: ChatGPT’s AI capabilities are being abused by hackers to write malicious code. A recent Checkpoint article highlights a few examples where hackers have claimed to use ChatGPT’s help for stealing files and creating ransomware. It also mentions a few instances of non-technical hackers using ChatGPT for malicious purposes.
• The proliferation of bots within the enterprise: Security teams have been fighting the ‘bad bots’ e.g. zombies participating in distributed denial of service attacks. However, enterprises have been welcoming ‘good’ bots to improve employee productivity and customer services. Security teams and their tools need to distinguish between the good bots and the bad ones.

However, it’s not all gloom and doom. Despite the negative impacts (above), it is important to acknowledge the positive impact of AI on security.

Impact of AI in Bolstering Defence:

• AI Augmented Defence: AI can assist enterprise blue and red teams in increasing their effectiveness and productivity. Three out of four surveyed executives say AI allows their organization to respond faster to breaches, as per Capgemini’s research.
• Improved Security Posture: AI and machine learning are essential in analyzing and improving an organization’s cybersecurity posture. They can swiftly analyze millions of data sets and track down various cyber threats, from malware to phishing attacks, continuously learning and improving. Three in five firms say that using AI improves the accuracy and efficiency of cyber analysts, as per Capgemini’s research.
• Improved Threat Detection: AI can detect cyber security threats and malicious activities that traditional software systems cannot keep up with. AI systems are trained to detect malware, run pattern recognition, and detect even the smallest behavior of malware or ransomware attacks before it enters the system. AI-based cybersecurity systems provide up-to-date knowledge of global and industry-specific dangers to prioritize decisions.
• Countering Bad Bots: AI and machine learning help distinguish between good bots, bad bots, and humans by analyzing website traffic data. Capgemini’s research highlights that 69% of organizations believe AI is necessary to respond to cyberattacks.
• Breach Risk Prediction: AI systems can predict where an organization is most likely to be compromised based on its IT asset inventory and threat exposure, allowing it to allocate resources accordingly.

What’s Next?: Keep calm and counterattack!

Keep calm: Despite the sudden increase in sense of urgency and security concerns surrounding AI and bots, experienced security professionals have faced similar challenges before. It is important to stay focused on the fundamentals and adopt a risk-based approach when evaluating any changes to your security policies, covering people, processes, and technology domains.

Counterattack!: In the context of the technology domain: offense is the best defense. To effectively counter AI-based attacks, organizations should prioritize the implementation of AI in their defense strategy.

• AI-based security tools: Many security vendors have already integrated AI into their tools to help enterprises in better threat detection and response.
• The emergence of SOAR: Disparate security tools are often focused on a specific domain. So AI-based security tools are a necessary first step but not sufficient in protection against emerging AI-based advanced threats. That’s why organizations should also consider Security Orchestration, Automation, and Response (SOAR) solutions, which allow for the collection of security data and alerts from different sources, enabling incident analysis and triage through the use of both human and machine power.
• Step-by-step approach: Broad-based defense using SOAR and AI is easier said than done. A step-by-step approach is necessary. According to Capgemini’s research, only 54% of executives have identified the necessary data sets to operationalize AI algorithms. Enterprises should start by prioritizing the acquisition or development of a data platform, followed by identifying use cases that offer significant benefits and are less complex to implement.

References:

1. ChatGPT sets record for a fastest-growing user base in history, report says- https://arstechnica.com/information-technology/2023/02/chatgpt-sets-record-for-fastest-growing-user-base-in-history-report-says/
2. OPWNAI: CYBERCRIMINALS STARTING TO USE CHATGPT- https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
3. The Cyber Security Risks of ChatGPT and How to Safeguard Against It- https://www.sangfor.com/blog/cybersecurity/cybersecurity-risks-of-chatgpt
4. The Use of Artificial Intelligence in Cybersecurity: A Review- https://www.computer.org/publications/tech-news/trends/the-use-of-artificial-intelligence-in-cybersecurity
5. Capgemini report- Reinventing Cybersecurity with Artificial Intelligence- The new frontier in digital security- https://www.capgemini.com/wp-content/uploads/2019/07/AI-in-Cybersecurity_Report_20190711_V06.pdf