Read at ComputerWeekly.com
In 2023, there were significant advancements and attacks in cyber security. In 2024, it is expected that phishing campaigns leveraging the capabilities of AI will become more prevalent. Already, there have been breaches and attacks using 'bespoke phishing lures' against Microsoft employees. The trend of automation behind cyber attacks is also expected to continue expanding, with attackers combining and automating multiple steps of the traditional kill chain. This includes automatically creating or selecting phishing attacks tailored to a user's OSINT information and using AI to create plausible backstories.
Already in 2024, we have seen a number of breaches and attacks including the use of 'bespoke phishing lures' against Microsoft employees.
In addition to the use of AI in cyber attacks, there is a need for more governance and ethical use of AI software. Attackers are weaponizing AI, utilizing large language models and automating A/B testing within phishing emails and broader cyber attacks. However, there is often a lack of focus on targeting the security of AI systems themselves.
Attackers weaponising the use of AI, whether it be utilising large language models (LLMs) or automating the generation of A/B testing specific features within phishing emails and broader cyber attacks, will continue to dominate conversations.