by Aamir Sheikh

Generative AI, notably represented by ChatGPT, has emerged as a game-changer in the technological landscape, captivating industries worldwide. While hailed for its transformative potential, concerns are rising about its darker applications. A recent surge in phishing attacks, facilitated by the linguistic prowess of generative AI, poses a significant threat to cybersecurity. Darktrace’s groundbreaking research sheds light on the evolving tactics of threat actors, exposing vulnerabilities in traditional defense mechanisms.

Email phishing in the age of generative AI

In the wake of ChatGPT’s proliferation, the dynamics of email phishing attacks have undergone a discernible shift. Darktrace’s comprehensive analysis indicates that while the overall number of attacks has plateaued, the tactics employed have become markedly more sophisticated. The decline in conventional phishing methods is offset by a 135% surge in ‘novel social engineering attacks,’ coinciding with the widespread adoption of generative AI.

Of particular concern is the increasing ability of threat actors to craft convincing, personalized emails at scale. The scenario is akin to receiving an email from a trusted source, perhaps a supervisor, with impeccable language, punctuation, and tone—courtesy of generative AI. This trend unveils the unsettling possibility that these advanced tools are becoming a breeding ground for cybercriminals, enabling them to deploy targeted attacks with unprecedented efficiency.

How generative AI amplifies the challenge

In a more recent timeframe, Darktrace’s observations between May and July have unveiled a nuanced transformation in phishing strategies. Attackers are now pivoting towards impersonating internal IT teams, a departure from the erstwhile trend of mimicking senior executives. VIP impersonation has decreased, but email account takeover attempts surged by 52%, and internal IT team impersonation increased by 19%.

This shift in tactics reflects the adaptability of threat actors, who are quick to exploit emerging trends. As employees become savvier in detecting executive impersonations, attackers leverage generative AI to simulate communications from IT departments, a realm previously deemed less susceptible to impersonation. The rise in realistic voice deep fakes and linguistically sophisticated emails suggests an impending arms race between attackers and defenders.

How AI defends against generative threats

While generative AI amplifies the risk of cyber threats, it also holds the potential to fortify cybersecurity defenses. Defensive AI, when integrated with human-led cybersecurity teams, can act as a bulwark against evolving threats. By leveraging AI to comprehend business nuances and employee behavior, cybersecurity teams can discern subtle anomalies indicative of potential attacks.

The crux lies in utilizing AI not just as a potential threat vector but as a strategic ally in the cybersecurity battlefield. Defensive AI that adapts, learns, and understands the intricacies of an organization’s communication patterns can outsmart generative AI wielded by threat actors. It is a testament to the human-centric approach needed in the ongoing cybersecurity battle—a battle where AI, when harnessed judiciously, becomes an indispensable asset in securing digital realms.

As generative AI continues its ascent, both the promise and perils it presents come sharply into focus. The evolving landscape of phishing attacks underscores the urgency for organizations to fortify their cybersecurity measures. While generative AI empowers threat actors, the judicious integration of defensive AI with human expertise offers a formidable defense against cyber threats. In the delicate dance between technological advancement and security concerns, the onus lies on humanity to wield AI responsibly, ensuring a future where innovation coexists harmoniously with safeguarded digital realms.

photo 2023 10 17 13 14 21