There's no day when you don't hear about AI on the news. From the rapid development of new technology to the way it impacts our future, AI has always been in our minds, especially in the world of technology.
And some of the most fiery questions surrounding new advancements in tools like ChatGpt come from the world of cybersecurity. How do bad actors use AI to augment malicious behavior? And how does ransomware evolve to better avoid our defenses?
To see what that means for the tools and the future of the cybersecurity industry, Paul Dunn, senior systems engineer at Ilmio and Michael Adjei, director of Systems Engineering at Ilmio's EMEA, sat down to discuss how AI works, the lies of its vulnerabilities, and how security leaders can fight its impact.
Their lowest advice? Returning to basics.
Read the reason and use the short clip below to see the full discussion.
AI structure and its many vulnerabilities
Less than two years after ChatGPT was first launched, in such a short time, the industry is already seeing new AI technologies have a major impact on cybersecurity.
It is important to understand how AI is constructed to combat points where attackers can interfere.
“In simplified terms, AI works by using datasets with input, hidden and output layers,” explained Adjei. “The data is pushed into the input layer and moved to a hidden layer where AI 'Magic' occurs. Then it becomes the output layer that the consumer can interface with.”
Where are the vulnerabilities in this process? “At almost every stage,” Ajay said.
AI security risks have been around for years
These vulnerabilities did not begin with the extensive release of ChatGPT last year. Adjei and Dant explained that compromised AI systems have existed for many years.
The pair cited Microsoft's 2016 launch of an AI chatbot for Twitter. “Within a few hours, the chatbot provided the worst, most sleazy information you could imagine from the internet.
This is an early and simple example of AI-related attacks, but shows how malicious actors build on existing attack tactics, techniques, and procedures (TTP). Organizations of all industries, geography and sizes need to be proactive in preparing to secure inevitable AI-generated attacks.
As a recent example, Dant encouraged ChatGpt to create ransomware on the spot, highlighting the ease of skirting Guardrail. ChatGpt had no intention of dealing with Dant's prompt to “write ransomware”. However, when he puts an educational spin on his prompt and splits his demands into innocently visible stairs, he discovers that Chatgup is trying to help, and is finally about to build ransomware for him.
“ChatGpt wants to help us,” Dant said. “What I found is that if you actually put an educational spin on the prompt, you're likely not understanding what your ultimate intention is and will actually help you automate the creation of ransomware scripts.”
This example is just one of many AI use cases, and is used by threat actors to discover each day and accelerate the amount and impact of attacks. As adjei skillfully summed up: “Pretty cool but pretty scary”
How should security leaders respond to AI risks?
Despite the fear that AI is causing cybersecurity, Adjei and Dant agreed that many organizations can do to counter the next potential attack. The most important thing is to go back to the basics.
“The first response for many CISOs and security leaders is, “AI is being used by bad guys, so good people also need more AI,” Adjei said.
Danto agreed, explaining that while AI will be more important in terms of analyzing data and completing tasks with the same speed attack movement, the best way to prepare for an AI attack is to ensure good cyber hygiene.
“The first principle is to go back to basics,” Danto said. “Ultimately, the principles of good cyber hygiene, lateral movement and zero trust will become even more effective in the future.”
No matter how AI-generated attacks occur, the core security doctrine remains true. “It's important that security leaders don't feel overwhelmed in the face of AI,” Dan said.
With both Adjei and Dant moving forward, security leaders are encouraging them to focus on building cyber resilience and violation containment in line with Zero's trust security strategies.
Watch the full webinar and make sure it's very simple for an attacker to build ransomware using AI.
Contact us today to learn more about building resilience to AI attacks using the Illumino Zero Trust segmentation platform.
