Conversation

Notices

1. Embed this notice
   Mathew J. Schwartz (euroinfosec@infosec.exchange)'s status on Thursday, 13-Mar-2025 20:28:27 JST Mathew J. Schwartz

   Fact check: Reuters report claims that "the rise of generative artificial intelligence has made it an attractive tool for bad actors, with its low entry barrier ensuring broad accessibility, leading to an increase in global cyberattacks."

   Is there any evidence that AI has led to an increase in online attacks?

   Surely it's made convincing-sounding phishing emails across multiple languages easier to create, and would obviously facilitate BEC and CEO fraud attacks via asynchronous communications.

   But has it really caused "an increase in global cyberattacks*"?

   https://www.reuters.com/technology/sentinelone-forecasts-annual-revenue-below-wall-street-estimates-2025-03-12/

   • Embed this notice
     Xavier «X» Santolaria :verified_paw: :donor: (0x58@infosec.exchange)'s status on Thursday, 13-Mar-2025 20:34:27 JST Xavier «X» Santolaria :verified_paw: :donor:

     • Kevin Beaumont

     @GossiTheDog @euroinfosec "Caused by" probably not, "Helped with", most likely :)

   • Embed this notice
     Tom Uren (tomatospy@infosec.exchange)'s status on Friday, 14-Mar-2025 08:35:05 JST Tom Uren

     in reply to

     • Kevin Beaumont
     • Mark

     @mdh @GossiTheDog @euroinfosec

     Yes. That’s right, Google https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai and OpenAI https://cdn.openai.com/threat-intelligence-reports/influence-and-cyber-operations-an-update_October-2024.pdf have said that it is being used.

     These reports are both based on examining how AI models are being used.

     My guess is the disconnect arises because from an incident response perspective use of AI tools is not obvious.

   • Embed this notice
     Mark (mdh@infosec.exchange)'s status on Friday, 14-Mar-2025 08:35:06 JST Mark

     • Kevin Beaumont
     • Tom Uren

     @GossiTheDog @euroinfosec Given the ways in which it could and realistically would be used I’m really unclear on how on earth you could make that statement with any level of confidence. What am I missing here?

     I’d offer as a counterpoint that Generative AI providers like Google have talked about watching Chinese and Iranian crews I believe (though I’m quoting something second hand here form @tomatospy if I’m remembering correctly) use it.

   • Embed this notice
     Mark (mdh@infosec.exchange)'s status on Friday, 14-Mar-2025 15:44:52 JST Mark

     @GossiTheDog @tomatospy @euroinfosec I don’t really see this as a rebuttal to the original point though.

     We are still left with I think 3 key bits of information:

     1. Gen AI changes the economics for a bunch of attack vectors in a fairly substantial way.
     2. Gen AI providers have come out to say that they absolutely have seen a lot of usage of their tools in that capacity.
     3. Unlike say malware it’s really not obvious that you’re going to find the same kinds of artefacts during IR except in certain scenarios like a spear phishing campaign and I don’t know how you could say with any confidence that it was or wasn’t used in a lot of scenarios.

     I don’t think any of those are particularly controversial statements at all are they?

     It absolutely makes sense and is even a logical conclusion that this does indeed lead to substantial growth in attacks but I’d argue in a way that isn’t in contrast to what you said either.