This is a reminder that we need to be aware of the new challenges that AI can bring. There’s no doubt that it’s here to stay and helps businesses move faster, but it can also introduce risks, by helping hackers ⚠️
New research shows that cyber criminals are exploiting and weaponizing AI. Using it to launch more aggressive attacks with less time and effort.
It’s even allowing more hackers with limited skills to create malicious code. Something that would have been beyond their abilities not so long ago.
But, in a new development, hackers are now also attacking the tools companies use to build AI systems.
Autonomous AI agents, often called ‘Agentic AI’ are now a major target for cyber-attacks.
It’s a new attack surface that has come with the adoption of AI. If criminals can compromise these tools, they can steal credentials, deploy malware, and even takeover automated workflows 😱
This is already being seen in action in the real world. Generative AI was used to create new malware like Funklocker and SparkCat. Several groups, like Chollima (State-backed North Korean group) have recently used it to automate insider attacks, and Scattered Spider were able to deploy ransomware within 24 hours of gaining access.
This is a significant evolution in strategy.
Up to this point, people were the main way of gaining access to a business. This was usually through phishing emails, vishing (voice phishing) or compromised credentials and passwords. Now the AI systems themselves are being exploited. Adding another level of complexity to the fight against cyber-crime.
This shows that AI can be your best ally or biggest vulnerability.
It can potentially strengthen your security posture, but also create new ways for cyber criminals to break in.
With this in mind, it’s important for businesses to:
✔️ Keep security tools up to date
✔️ Limit admin privileges
✔️ Carefully consider when and where AI is used in operations
AI is here to stay, and so is the threat of those who choose to misuse it.
Businesses that thrive in this new era, will be those that integrate AI while bringing in robust, multi-layered security around it.
Leave a comment!