Page 39 - Cyber Defense eMagazine January 2024
P. 39
Advanced AI-Powered Attack Methods
With generative AI frameworks at their fingertips, hackers are crafting increasingly convincing scams that
bypass traditional cybersecurity measures. This is exemplified in the evolution of phishing scams. As fake
emails were once underdeveloped and easy to detect, generative AI has enabled fraudsters to craft much
more sophisticated, professional-looking messages that are harder to identify as fraud.
Some of the other prominent attack methods raising concern among businesses include:
1. FraudGPT: Hackers are exploiting a new product being sold on the dark web called FraudGPT,
which was built solely for the purpose of enhancing fraud and scamming techniques. FraudGPT
is an LLM without the same filters and limitations as ChatGPT, enabling users to generate
information such as the curation of malicious code, locating vulnerabilities, identifying vulnerable
targets and more - making it a powerful weapon for cybercriminals, and a danger to organizations
and their users.
2. Password guessing: The deployment of AI-supported password guessing — also known as AI-
assisted password cracking — is a tactic that uses AI techniques to guess or identify passwords.
Similar to phishing, this technique uses machine learning algorithms to enhance password
matching, accelerating and optimizing traditional password stealing processes. In fact, hackers
can steal passwords with up to 95% accuracy when leveraging AI.
3. Deepfakes: These synthetic creations, crafted with AI and featuring eerily realistic faces, are
evolving at an alarming pace. A recent study revealed a worrying trend: 52% of people believe
they can identify a deepfake video. This overconfidence is dangerous, considering these digital
doppelgangers can fool even the most discerning eye.
The corporate world is now becoming a prime target for deepfake fraud, as high-level executives
are falling victim to AI-powered scams. For example, voice cloning is now being used to
impersonate C-suite individuals, which allows hackers to mimic the victim’s voice and orchestrate
elaborate fraud schemes within the company. The CEO of a major security enterprise recently
learned this the hard way when a cloned voice impersonated him, attempting to pull off a corporate
heist.
As AI-supercharged cyberattacks increasingly wreak havoc, security leaders must ramp up their
defenses to shield themselves and their users.
Turning the Tables: Make AI a Cybersecurity Shield
As organizations are bombarded with AI-powered attack methods, how do they fight back? To stay one
step ahead of the next threat, security leaders can fight fire with fire, leveraging AI-powered security tools
including:
Cyber Defense eMagazine – January 2024 Edition 39
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.