The Mounting Impact of AI on Cyber Security

The Microsoft Digital Defense Report 2024 spotlights the burgeoning intricacies and perils in the cyber threat landscape. Both nation-state actors and cybercriminals are morphing, harnessing advanced technologies like artificial intelligence (AI) and ransomware. Microsoft confronts over 600 million cyber-attacks daily, accentuating the pressing need for more stalwart cyber security measures

AI is an extremely powerful tool that is increasingly playing a dual role in cyber security, impacting both offensive and defensive strategies. While AI bolsters threat detection, automated response, and anomaly detection for defenders, it also empowers more sophisticated attacks by threat actors. So much so, that at the moment there’s evidence that attackers are spending time to retool through the use of AI.

Attackers are exploiting AI advantages through the orchestration of more effective social engineering. This can be performed at scale with AI-generated phishing emails, voice cloning, and deepfakes permit highly convincing and personalised attacks to businesses. Although these stories are always highlighted by the press, less is mentioned on possible stolen data with these crafted targeted lures.

AI has the ability to expedite malware development and assist in vulnerability discovery, although this is still a nascent threat. There’s a number of tools available now that allow non-developers to write code with deep sophisticated techniques. AI-powered tools can also augment offensive security testing, which could be hijacked by attackers.

As organisations will depend more on AI for cyber security, attackers may endeavour to manipulate these AI models by targeting their training data. This could impair detection capabilities or trigger misclassification of malicious content.

You can learn more about all of these topics by watching the recording of Quorum Cyber’s first AI event, AI in Cyber Security: Navigating the Future, or by reading the event summary , ‘AI Challenges and Opportunities in Cyber Security’.

An escalating AI arms race

The implementation of offensive AI will necessitate organisations to adapt and incorporate AI into their own defences. Not only because of the amount of evidence to trawl through, but because finding the intentional behaviour of an AI generated attack maybe impossible to detect through normal human means. However, AI alone is not a panacea – fundamental security best practices remain pivotal. Communication to the public about ways these new technologies are being used is paramount.

At Quorum Cyber, we anticipate a surge in AI-generated attacks, but the most sophisticated threats will likely target high-value organisations. Custom-trained AI on specific datasets will be a key opportunity for both attackers and defenders.

While AI assists in areas like Security Operations Centre (SOC) analysis, phishing exercises, and vulnerability management, it is unlikely to supplant most cyber security roles in the near term. AI will introduce ways of combining automation and AI to collect and decipher information in readiness for the analyst to review. AI, however, will add more complexity for analysts as they will require the understanding and supervision of using their new and unfamiliar tools.

The human element remains vital in cyber security today, as effective cyber security will blend AI-powered automation with human expertise and oversight. By embedding these tools now, we can better combat AI-assisted attacks in the future. Without this integration, there may be vulnerabilities in an organisation’s protection. As AI continues to progress, it will become an integral part of the cyber security industry.

Prepare for the age of AI with Microsoft Copilot

As a Microsoft Solutions Partner for Security, Quorum Cyber has launched a four-week Copilot for Security Proof of Concept workshop, the first and only offering of its kind. The workshop is designed to empower organisations to successfully implement and maximise Copilot to get ahead of cybercriminals.