The Dual Impact of AI on the Cybersecurity Landscape

The cybersecurity landscape is constantly evolving and as technology advances, so do the tools and tactics employed by both cybercriminals and cybersecurity professionals. One significant, recent development that has garnered much attention is the emergence of open-source, generative artificial intelligence (AI) tools and powerful language models such as ChatGPT and Bard. AI technologies can be a double-edged sword – while they can assist overworked cybersecurity professionals by automating and streamlining routine tasks, they can also be used by cybercriminals to automate and scale their attacks, or make their attacks more convincing.

Richard De La Torre, Technical Marketing Manager at Bitdefender, sat down recently to discuss the impact that open-source, generative AI tools will have on the cybersecurity landscape, and what cybersecurity professionals and businesses should do to prepare.

The dark side: Enabling cybercriminals

Large language models like ChatGPT have made it easier than ever for cybercriminals to quickly craft sophisticated, authentic-seeming phishing emails and social engineering attacks. Because these tools can instantly generate conversational, human-like text, attackers are able to convincingly mimic the communication style of trusted individuals or organizations, thereby increasing the effectiveness of their attacks. Soon, cybercriminals will likely use these language models in combination with AI-generated images, audio, and video clips to further deceive unsuspecting users into sharing sensitive information, providing access to computer systems, or otherwise taking actions they should not.

Additionally, generative AI tools like ChatGPT and others enable cybercriminals to scale and automate their attacks to a degree that wasn’t previously possible. Even novice cybercriminals can use these tools to facilitate the writing of malicious code, or troubleshoot their existing malware strains to close any gaps and make them more effective. Though ChatGPT has some safeguards in place to prevent users from generating malware or other content for nefarious purposes, Bitdefender security researchers have discovered that these safeguards can be circumvented relatively easily with the right techniques and knowledge. By using generative AI tools to streamline the development of malware and automate the distribution of their attacks, cybercriminal groups can increase their frequency and cast a wider net to target more potential victims.

The bright side: Assistance for overworked security teams

Despite the concerns and risks surrounding generative AI, these technologies also present an opportunity for organizations to bolster cybersecurity defenses and support their often-overworked cybersecurity teams. With the ever-increasing volume and complexity of cyber threats, AI-powered tools can help security teams automate the more mundane and repetitive security tasks, allowing analysts to focus on more critical aspects of their work and improving operational efficiency.

AI can also be used to automate the monitoring and analysis of security events and logs, identifying anomalies in behavior, and enabling faster detection and response to potential threats. Machine learning algorithms can be trained to identify patterns indicative of malicious activity, freeing up valuable time for cybersecurity professionals to investigate and mitigate threats.

Bitdefender has long been embedding AI and machine learning (ML) into our cybersecurity solutions in this way. For example, Bitdefender GravityZone eXtended Detection and Response (XDR) leverages ML technologies to correlate and analyze vast amounts of security data from diverse sensors and sources throughout an organization. The GravityZone Incident Advisor then presents the findings in a human-readable format that enables security professionals to quickly take recommended actions. As AI tools become more advanced, the cybersecurity industry will continue to develop innovative ways to leverage these technologies to improve operational efficiency and strengthen their defenses.

Ultimately, organizations must take a proactive, multi-layered security approach to strengthen their cyber-resiliency as powerful AI technologies continue to become more mainstream. They should adopt best practices for security awareness training, to help employees understand the sophistication of today’s threats and how to keep from becoming a victim. They should also embrace AI and ML-powered security technologies that can augment and assist their security teams in monitoring, identifying and responding to threats.

There’s no putting the genie back in the bottle when it comes to generative AI. These tools are now readily available to everyone, but with the right strategies and AI-powered cybersecurity solutions, organizations can use them to their advantage to stay one step ahead of their adversaries.