CYBERSECURITY company Trend Micro has issued a warning about the transformative role of generative artificial intelligence (GenAI) in the cyber threat landscape and a coming tsunami of sophisticated social engineering tactics and identity theft powered by GenAI tools.
According to its vice-president of market strategy, Eric Skinner, advanced large language models (LLMs) which are proficient in any language pose a significant threat as they eliminate the traditional indicators of phishing, such as odd formatting or grammatical errors, making them exceedingly difficult to detect.
"Businesses must transition beyond conventional phishing training and prioritise the adoption of modern security controls. These advanced defences not only exceed human capabilities in detection, but also ensure resilience against these tactics," he said recently.
AI disrupting phishing market
The widespread availability and improved quality of GenAI coupled with the use of Generative Adversarial Networks (GANs) is expected to disrupt the phishing market this year.
Trend Micro predicts this transformation will enable cost-effective creation of hyper-realistic audio and video content — driving a new wave of business email compromise (BEC), virtual kidnapping and other scams.
"Given the potentially lucrative gains that threat actors might achieve through malicious activities, they will be incentivised to develop nefarious GenAI tools for these campaigns or to use legitimate ones with stolen credentials and VPNs to hide their identities," the company said.
AI models themselves may also come under attack this year.
"While GenAI and LLM datasets are difficult for threat actors to influence, specialised cloud-based machine learning models are a far more attractive target. The more focused datasets they are trained on will be singled out for data poisoning attacks with various outcomes in mind, from exfiltrating sensitive data to disrupting fraud filters and even connected vehicles. Such attacks cost less than US$100 to carry out," said Trend Micro.
These trends may, in turn, lead to increased regulatory scrutiny and a push from the cybersecurity sector to take matters into its own hands.
"This year, the cyber industry will begin to outpace the government when it comes to developing cybersecurity-specific AI policy or regulations," said Trend Micro's vice-president of cybersecurity, Greg Young.
"The industry is moving quickly to self-regulate on an opt-in basis."
Elsewhere, Trend Micro's 2024 predictions report highlighted:
A SURGE in cloud-native worm targeting vulnerabilities and misconfigurations and using a high degree of automation to impact multiple containers, accounts and services with minimal effort.
CLOUD security will be crucial for organisations to address security gaps in cloud environments, highlighting the vulnerability of cloud-native applications to automated attacks. Proactive measures, including robust defence mechanisms and thorough security audits, are essential to mitigate risks.
MORE supply chain attacks will target not only upstream open-source software components, but also inventory identity management tools, such as telecommunication SIMs, which are crucial for fleet and inventory systems. Cybercriminals will also likely exploit vendors' software supply chains through continuous integration/delivery systems, with a specific focus on third-party components.
ATTACKSon private blockchains will increase as a result of vulnerabilities in the implementation of a number of private blockchains. Threat actors could use these rights to modify, override or erase entries and then demand a ransom. Alternatively, they could try to encrypt the entire blockchain if they seize control of enough nodes. BEC cost victims more than US$2.7 billion in 2022, according to the US Federal Bureau of Investigation.