CS Jan-Feb 2024
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
artificial intelligence<br />
effective tool in the armoury of the security<br />
industry; they need to deploy AI over WANs<br />
to stop cybercriminals in their tracks. It<br />
can ensure that regulatory compliance is<br />
achieved and maintained."<br />
SCALING NEW CYBERCRIME LEVELS<br />
The UK government, for its part, has<br />
warned that AI is likely to increase the<br />
risk of cyberattacks by 2025 by allowing<br />
cybercriminals to orchestrate more<br />
effective and large-scale attacks at a faster<br />
rate, points out Charl van der Walt,<br />
head of security research at Orange<br />
Cyberdefense. "Cybercriminal activity<br />
has risen dramatically this year, which<br />
correlates with the explosion of ChatGPT<br />
and LLMs onto our collective consciousness.<br />
In fact, our data shows that the<br />
number of ransomware attacks that took<br />
place between <strong>Jan</strong>uary-September has<br />
increased by over three quarters YoY.<br />
While correlation isn't causation, there’s no<br />
doubt that AI is allowing cybercriminals to<br />
scale at a rate we have never seen before."<br />
A key trend he identifies is that LLMs<br />
and machine translation are forcing an<br />
increased 'internationalisation' of cyber<br />
extortion as a crime - allowing actors from<br />
different language groups to target and<br />
extort victims in English-speaking countries,<br />
and allowing victims in countries that don't<br />
use 'common' languages to be extorted<br />
more readily. "Think of places like China<br />
and Japan where language may have<br />
historically presented a barrier to criminals."<br />
The UK Government's focus on AI and its<br />
impact on cybercrime is therefore applaudable<br />
and, while we await regulation, he<br />
concludes, "it's vital that businesses are<br />
aware of its impact on the cybersecurity<br />
landscape and take every step possible to<br />
defend against it".<br />
"<br />
DEEP CONCERNS<br />
More than half (53%) of global IT decision<br />
makers are concerned about ChatGPT's<br />
ability to help hackers craft more believable<br />
and legitimate sounding phishing emails,<br />
says Gareth Lockwood, VP of product,<br />
Censornet. It's also much easier to create<br />
convincing deepfakes in manipulated<br />
videos and images. "Now, more than ever,<br />
bad actors can easily manipulate the<br />
power of AI to automate and advance<br />
attacks. Generative AI is helping hackers<br />
create highly persuasive content for<br />
phishing or business email compromise<br />
(BEC) attacks.<br />
"The pressing question that all cybersecurity<br />
teams need to ask, he feels, is how<br />
to adapt to these changes. "This comes at<br />
a time when security leaders are feeling<br />
overwhelmed. 35% of UK SMEs have two<br />
or fewer people in their cybersecurity team.<br />
And with this comes huge risk. One in five<br />
cybersecurity professionals are losing sleep<br />
over concerns - up from 9% on 2022,<br />
contributing to lack of concentration and<br />
inability to focus. Staffing shortfalls, coupled<br />
with the relentless pace and complexity<br />
of threats, places immense pressure on<br />
existing teams."<br />
Intelligent automation and integration<br />
are the keys to regaining control. "In the<br />
future, the evolution of AI in cybersecurity<br />
is expected to focus on predictive analytics<br />
and proactive threat mitigation. By harnessing<br />
the power of machine learning and<br />
data analysis, AI systems can anticipate<br />
potential vulnerabilities and threats before<br />
they materialise, allowing organisations to<br />
adopt a more pre-emptive security<br />
posture."<br />
HUMAN-AUTOMATION BALANCE<br />
AI is set to proliferate every aspect of the<br />
working environment, as organisations<br />
automate tasks and become more cost<br />
effective and efficient. To remain competitive,<br />
says Michelle Moody, managing<br />
director, Technology Consulting at Protiviti,<br />
"they will embark on the AI journey that<br />
will include a variety of use cases from<br />
supply chain optimisation, predictive/<br />
Charl van der Walt, Orange Cyberdefense:<br />
AI is allowing cybercriminals to scale at<br />
a rate we have never seen before.<br />
Mike Spanbauer, Juniper Networks: expect<br />
organisations to make larger investments in<br />
Zero Trust network security strategies.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Jan</strong>/<strong>Feb</strong> <strong>2024</strong> computing security<br />
19