The UK’s National Cyber Security Centre (NCSC) has released a report outlining the potential of Artificial Intelligence (AI) shaping the future of cybersecurity. The assessment forecast the implications of AI on the cyber threat landscape for the subsequent two years, following discussions at the Bletchley AI Safety Summit in November 2023.
AI is serving dual roles in the cybersecurity sphere: as a tool for defense and as a means for more complex cyber attacks. Thus, the report anticipates a future where cybersecurity becomes intricately tied with AI for both cybersecurity defense and offense.
Some risks identified by the report are:
– AI could lead to a surge in the volume and severity of cyber attacks
– AI’s accessibility may lower entry barriers for beginner cybercriminals.
– Proliferation of AI tools in the criminal and commercial space could result in novel attack methods.
– Distinguishing between legitimate and malicious communications will become more difficult, complicating cybersecurity management.
– AI could pave the way for enhanced social engineering through realistic phishing scams.
– The development of malware and exploitations would be heightened by AI.
– Lastly, threat actors could use AI for efficient reconnaissance operations to quickly locate and extract unauthorized data.
Lindy Cameron, the NCSC’s Chief Executive, noted that the emerging use of AI in cyber threats is an enhancement, not a transformation, of existing problems, like ransomware.
OpenAI, similar to the NCSC, underlined the potential of AI democratization and scalability in cyber attacks, and has planned to curb election misinformation and deepfakes. They foresee a potential rise in cyber attacks, including ransomware, by brand-new threat actors. However, the biggest threats still come from sophisticated threat actors who can harness AI to develop advanced malware.
Additionally, the report highlighted the threat posed by fraud-oriented AI tools, citing FraudGPT and WormGPT as examples. In response, OpenAI is collaborating with the US Department of Defence to boost cybersecurity defenses and has announced a $1 million grant for such initiatives. The NCSC’s report thus serves as a timely reminder of the critical role AI plays in shaping the future of cyber threats.