AI, Cybercrime and Trust
Here's a fascinating, forward-looking perspective on cybercrime: This is how artificial intelligence will become weaponized in future cyberattacks
Among other insights, it points out that AI will create new techniques for cybercrime. The most significant of these is "gaining an understanding of what communication is dominant in the target's network and blending in."
Who hasn't heard the story of the diligent employee who fell victim to a clever phishing attack due to domain deception or unclear relationships between vendors? They clicked on what appeared to be an official company domain or perhaps one related to a partner of the company (like their insurer or 401K provider). They filled out the form and provided the requested information, just as they had done many times before.
In other words, employing adaptive behavior typically attributed to human hackers. Scary stuff, especially at the scale that AI could potentially achieve. Using trust to confuse during phishing attacks is not a new technique. That's why many companies insist on hosting customer and partner-facing services under their domain.
These points highlight the incredible opportunity and threat that AI poses. It underscores the importance of maintaining control over data, especially when it leaves your organization. Because even if you can defend your employees against future AI cybercriminals—or cyber-augmented criminals—can you protect your partners, vendors, and customers?
Here's a fascinating, forward-looking perspective on cybercrime: This is how artificial intelligence will become weaponized in future cyberattacks
Among other insights, it points out that AI will create new techniques for cybercrime. The most significant of these is "gaining an understanding of what communication is dominant in the target's network and blending in."
Who hasn't heard the story of the diligent employee who fell victim to a clever phishing attack due to domain deception or unclear relationships between vendors? They clicked on what appeared to be an official company domain or perhaps one related to a partner of the company (like their insurer or 401K provider). They filled out the form and provided the requested information, just as they had done many times before.
In other words, employing adaptive behavior typically attributed to human hackers. Scary stuff, especially at the scale that AI could potentially achieve. Using trust to confuse during phishing attacks is not a new technique. That's why many companies insist on hosting customer and partner-facing services under their domain.
These points highlight the incredible opportunity and threat that AI poses. It underscores the importance of maintaining control over data, especially when it leaves your organization. Because even if you can defend your employees against future AI cybercriminals—or cyber-augmented criminals—can you protect your partners, vendors, and customers?
