Philip Ingram MBE examines the changing cyber landscape with Generative AI.

Generative AI (GenAI), a growing and pivotal branch of artificial intelligence centred on the creation of new data from existing datasets, according to global Cloud Security company, Crowdstrike, “is now steering significant changes within the cyber threat landscape.

“With its roots in machine learning and bolstered by neural network designs like transformers and models such as ChatGPT, GenAI possesses the unique capability to produce remarkably human-like text, introducing both novel opportunities and challenges in cybersecurity.”

This technology’s ascent comes at a time when cyber-attacks, including phishing, scams and data breaches, are increasingly sophisticated, leveraging vulnerabilities to carry out deepfakes and whaling tactics.

The Crowdstrike team in their security 101, don’t just talk about threat but go on to add, “as the cyber threat landscape evolves, the role of GenAI in enhancing the efficiency and depth of cybersecurity defences cannot be understated.

“GenAI can integrate with platforms to augment the capabilities of cybersecurity professionals, promising advancements in real-time insights and proactive threat detection.”

However, this surge in AI-driven security measures also raises concerns about computational demands, the potential misuse of AI by attackers and ethical dilemmas, setting the stage for a dynamic discourse on mitigating strategies and future cybersecurity trends.

The changing threat landscape

GenAI is changing the cyber threat landscape and developing one where cyber-attacks are not only more frequent but also increasingly complex and sophisticated.

It is also enabling more threat actors as GenAI improves, the coding and technical know-how to attack published vulnerabilities will decrease.

This will increase the number of ‘novice’ cybercriminals and hacktivists.

Other developments in the threat landscape includes better cyber reconnaissance and social engineering by threat actors, making these tactics more efficient and challenging to detect.

Advanced Persistent Threats (APTs) becoming even more sophisticated, grammatical errors in phishing emails will be eliminated, the tone of routine emails usually received by the target can be copied. 

Greater access to ‘hacking’ tools through greater commercialisation of AI-enhanced capabilities.

AI enhanced Hacking as a Service (HaaS) is coming.

This ongoing integration of GenAI within cyber operations not only broadens the scope of potential cyber threats but also necessitates a re-evaluation of current cybersecurity strategies to effectively counter these evolving challenges.

According to the US publication, Security Magazine, “Various countries have been identified using GenAI for cyber espionage.

“For instance, North Korea’s Kimsuky group has used GenAI to target foreign think tanks, creating content for spear-phishing attacks.” 

Forbes Magazine suggests, “AI’s ability to simultaneously attack traditional IT frameworks, cloud containers, and operational technology will lead to complex, multifaceted crises.”

Cybersecurity provider Trend Micro picks up on the wider mis and dis-information threat and says, “Generative AI enables the mass distribution of targeted, convincing messages across various languages, increasing the scale and impact of cyber propaganda or misinformation campaigns.”

Finally, business technology website ZDNet identifies the spectre of the deep fake threat, “The creation of fake news, phone calls and deepfake images and videos using GenAI poses serious threats to public trust and information integrity.

“These tools allow malicious actors to impersonate public figures or manipulate media to spread disinformation effectively.”

Cyber defence changes too

Generative AI significantly enhances cybersecurity defences by automating and improving various processes.

Crowdstrike suggests, “It improves real time threat detection and response by analysing large datasets, identify patterns and predict potential threats, allowing for proactive defence mechanisms.

“It can enhance security measures by automating security protocols such as the creation of complex passwords and encryption keys.

“AI-powered tools detect and remediate security gaps, such as unnecessary services or vulnerabilities, thus defending against potential breaches.”

The race is on for GenAI in both the threat actor and the cyber defender spheres. 

However, what is needed to properly defend against the GenAI threat is virtually the same as defending against known cyber threats.

At the top of the bill is education, awareness, and culture.

If people know the threat is out there and there is a culture of talking about it, then it is less likely that people will fall for GenAI threats.

To mitigate against threat actors using GenAI to exploit vulnerabilities patching, red teaming, encryption, access management and security policy and programme management remain key.

The journey through the evolving cyber threat landscape underscored by the advent and integration of GenAI has illuminated both the burgeoning opportunities for enhancing cybersecurity defences and the nuanced challenges it introduces.

As we have traversed the intricacies of GenAI’s role in both fortifying and exploiting digital realms, it becomes evident that the technology’s dual-use nature necessitates a balanced approach—one that leverages its potential to predict and counteract cyber threats while vigilantly guarding against its misuse.

However, what is clear is the cyber landscape has entered a new significant period with a technology that we still don’t know where it will go in terms of helping humanity and being a threat to humanity.

The significance of these developments can hardly be overstated, as they not only redefine traditional cybersecurity strategies but also mandate a continuous adaptation to the shifting paradigms of cyber threats and defences.

Last year, Elon Musk was among the dozens of tech leaders, professors and researchers who signed the letter, published by the Future of Life Institute, calling for artificial intelligence labs to stop the training of the most powerful AI systems for at least six months, citing “profound risks to society and humanity.” 

It is clear the tech threat environment is developing beyond just cyberspace.

Looking forward, the trajectory of GenAI in the cybersecurity domain signposts to a future where the interplay between AI-driven innovations and cyber threats will increasingly dictate the robustness of cybersecurity measures.

Emphasising the importance of strategic foresight, the discourse points towards an imperative need for ongoing research, ethical considerations, and proactive policy-making to navigate the complexities this integration posits.

As industries and nations grapple with these emergent challenges, the collective endeavour to fortify digital ecosystems against sophisticated cyber threats will undeniably shape the landscape of cybersecurity resilience in the era of GenAI.

This article was originally published in the May Edition of Security Journal United Kingdom. To read your FREE digital edition, click here.