DailyPost 2859
GENERATIVE AI AND THE THREAT LANDSCAPE
Cloud and generative AI are changing the cyber threat landscape, whereas the latter is doing it in a much more comprehensive manner. The various dimensions of it still remain, but whatever impact it has made so far, gives us a feeling that there are lots to come and it would be difficult to predict most of those. After all, AI is a general purpose technology. As per the CrowdStrike’s Threat Landscape Report 2024 has outlined generative AI one of the two potential disruption drivers which has come to the forefront.
It was towards the end of 2022 that the mainstream accessible generative AI technology exploded. It has for sure drawn the attention of adversaries seeking ways to exploit AI for their own purposes? Given the possibilities it puts forth, how will AI be used within the threat landscape? It has massively democratised computing to improve adversary operations Given the tech facilitation it provides, it has the potential to lower the entry barrier to the threat landscape to technologically much less sophisticated threat actors.
What are the likely opportunities for generative AI within the threat landscape? The two primary ones are; first “tool and resource development such as scripts or code that could be functionally malicious, if used correctly.” the second and even more generic is that AI’s role in “supporting the efficiency and effectiveness of social engineering and information operations campaigns.” What is also being thought about is as to how generative AI will change and contribute in malicious computer network operations.
It is difficult to gauge how much or if any, adversaries are using generative AI in operations, more so whether these technologies will support malicious CNO. CrowdStrike’s visibility of this area of concern has nothing to offer. Even if it were used there have been no significant indicators to prove it or of adversaries having to take any steps in this regard. One things becomes abundantly clear from the information available in the public domain that throughout 2023, generative AI was rarely observed supporting malicious CNO development and / or execution.
ONE SHOULD BE CAREFUL OF THE USE OF GENERATIVE AI IN THE EVER EVOLVING CYBER THREAT LANDSCAPE.
Sanjay Sahay
Have a nice evening.