Weaponizing AI in Cyberattacks Discussed on Hacker Forums

Help Net Security reports that weaponizing AI in cyberattacks is a hot topic on hacker forums. Researchers have found details of dedicated AI and machine learning for criminal alternatives to popular chatbots, and indications that suggest the development of simple malware and distributed denial of service queries using these options.

Most cyberattacks against companies are perpetrated by tricking employees, and cybercriminals are using new methods including AI to refine their techniques. Seven of ten attacks dupe employees via phishing. They are also being fooled into downloading fake updates to their web browser.

Financial theft was the primary objective of cybercriminals in 2023. It was the motive of nearly 90 percent of customer-related incidents. Extortion activity increased by 74 percent, with a record 4,819 compromised entities named on data-leak websites from ransomware groups. LockBit alone accounted for 1,000-plus entities.

The ReliaQuest security firm saw a significant threat from suspected nation-state actors using so-called ‘living off the land’ (LotL)  techniques, in which hackers try to hide their activity via techniques such as log clearing.

An April 2023 intrusion observed by researchers consisted of a Chinese state-sponsored group using LotL commands to blend into a company’s environment. That technique facilitated access for more than a month.

In 2024, cybersecurity will be characterized by the weaponizing of AI in cyberattacks and the creation of malicious AI models. Threat actors will employ automation that enhances their capabilities and automated playbooks will give even unskilled attackers sophisticated methods of operation, and shorten the time from breach to impact.

“As the threat continues to evolve, defenders must stay agile, using AI and automation to keep pace with the latest attack techniques,” says Michael McPherson, ReliaQuest’s SVP of Technical Operations