Artificial intelligence may be enhancing cyber threats, but the approach to defending against these AI-amplified attacks remains unchanged, a senior FBI official said Tuesday.
“We’ve seen both criminal and nation-state actors, and they’re definitely using AI for their own benefit,” said Jason Vilnosky, assistant director of the FBI’s Cyber Division. “But the way attacks unfold hasn’t changed. Cyberattacks still follow basic steps. They’re now at incredible speeds.”
The best way to combat such attacks is to employ all the traditional defenses the FBI has been emphasizing as part of its “Operation Winter SHIELD” media campaign, he said.
“We don’t have to worry about the speed and the power” of AI attacks, Bilosky said at the Billington Cybersecurity Conference. “If you focus on the basics, it will help prevent real intrusions.”
This was a message Nick Andersen, Acting Director of the Cybersecurity and Infrastructure Security Agency, also shared at the conference. He said sophisticated attackers exist, but recent binding operational directives to federal agencies to eliminate unsupported edge devices were a way to shore up basic vulnerabilities.
“We see non-zero days continue to be exploited in this environment,” he said. “The least we can do is strengthen that advantage and make it a little more difficult to exploit in that regard.”
His advice to state and local governments was to take a “back to basics” approach, including adopting multi-factor authentication.
Vilnosky further warned about this threat.
“Identity is the new boundary. You’re looking for legitimate traffic on your network,” he said. “So we don’t see malware drops anymore. We don’t see very noisy TTPs anymore.” [tactics, techniques and procedures]. This is a legitimate credential that moves laterally across the network as if it were a legitimate user on the network. You need to track the attacker as if the adversary were already on the network. Because that’s the type of activity you’re looking for. ”
