"Between the lines: Nation-state hackers are going to build tools to automate everything - from spotting vulnerabilities to launching customized attacks on company networks, says Phil Venables, partner at Ballistic Ventures and former security chief at Google Cloud. "It's definitely going to come," Venables tells Axios. "The only question is: Is it three months? Is it six months? Is it 12 months?""
"Threat level: A recent Microsoft report found that AI-automated phishing emails achieved a 54% click-through rate, compared with 12% for phishing lures that didn't use AI. Hackers are increasingly targeting critical infrastructure and financial services companies, according to a survey of cyber professionals conducted by Deep Instinct, an AI-powered cybersecurity firm. 50% of respondents at critical infrastructure organizations said they had already faced an AI-powered attack in the last year."
Generative AI enables hackers to boost skills and automate parts of the attack chain, including code writing, vulnerability spotting, and attack research. Nation-state and criminal groups are already using AI models to develop tools for customized attacks, influence operations, and AI-powered malware. AI-automated phishing campaigns achieve much higher click-through rates than non-AI lures. Critical infrastructure and financial services face increased targeting, with many organizations reporting AI-powered attacks. Security teams observe attempts to misuse legitimate AI-powered hacking tools. The timeframe for widespread automated offensive tool adoption could be months to a year.
Read at Axios
Unable to calculate read time
Collection
[
|
...
]