Page 58 - Cyber Defense eMagazine February 2024
P. 58

can get that. The ability of AI to function flawlessly in any language has opened up new regions for
            enterprising black hats. Additionally, the ability of AI to scour social media, and the internet at large, for
            personal  details  has  also  made  large-scale  spear  phishing  a  possibility  as  well.  What  used  to  take
            humans days now takes seconds or less.


            But wait – it gets worse. New AI techniques also make them harder to detect. These detection evasion
            tactics ensure that attacks only present themselves to the intended target and otherwise ‘play dead’ for
            detection processes. These include anything from altering word sentences and structure to generating
            polymorphic malware on the fly.

            And  let's  not  forget  the  most  powerful  aspect  of  phishing  –  the  social  engineering  craft.  Thanks  to
            generative AI’s new methods of identity falsification, it’s harder than ever to tell what’s real from what’s
            not. This is evidenced in deepfake videos, voice phishing, and even QR code phishing (quishing).



            Using AI to fight AI

            The good news is that AI is unbiased, at least in a security context. Whoever wields it can bend it to their
            will, and security hasn’t been slow to make use of it.

            In  the  fight  against  AI-based  phishing,  it  is  being  used  to  trawl  the  web  to  identify  new  phishing
            infrastructure. It goes without saying that it can do this much faster than humans can. On that same note,
            AI is also being leveraged for its ability to spot divergent patterns over petabytes of data, thereby proving
            its usefulness in identifying stealthy attacks. Operationally, AI-based detection and response tools are
            helping overwhelmed teams level-up without staffing up, and vet alerts to reduce false positives helping
            to avoid burnout and overwhelm.

            The only thing to remember is that AI is still the student, not the teacher. A human eye and mind are still
            required to make the hard calls, manage the decisions that come from data analysis, and (as of yet)
            deploy the systems in the first place.



            The Necessity of the Human Element

            It's clear that AI can only do so much on the defensive side. All the AI-gleaned data in the world is no
            good without the expertise to know what to do with it. Someone needs to create the workflows, someone
            needs to confirm and vet incident response, and someone needs to tell the other humans on the team
            when something is amiss.

            And that someone doesn’t always have to be Steve the IT Guy. All employees need to be aware of the
            latest cybercrime trends, especially those with non-technical roles, if there is any such thing these days.
            The head of HR needs to know the latest AI-driven phishing tactics as much as your system administrator,
            if not more. They need to know to be on the lookout for deepfakes, which emails sound “phishy,” and why
            they should always check with IT if Microsoft is sending them an unsolicited request to update their Teams
            login – again.






            Cyber Defense eMagazine – February 2024 Edition                                                                                                                                                                                                          58
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   53   54   55   56   57   58   59   60   61   62   63