AI Infused Malware Is The New Security Threat To Worry About
AI Infused Malware Is The New Security Threat To Worry About
While viruses and malware have stubbornly stayed as a top-10 “things I lose sleep over as a CISO,” the overall threat has been steadily declining for a decade. Unfortunately, an entourage of related self-propagating ransomware abruptly propelled malware back up the list and highlighted the risks brought by modern inter-networked business systems and the explosive growth of unmanaged devices.
The damage wrought by these autonomous (not yet AI-powered) threats should compel CISOs to contemplate the defenses to counter such a sophisticated adversary. However, over the next two to three years, we expect to see AI infused malware – all focused on optimizing efficiency in harvesting valuable data, targeting specific users, and bypassing detection technologies.
• Smart automation and basic logic processing could be employed to automatically navigate a compromised network, undertake non-repetitive and selective exploitation of desired target types and, upon identification and collection of desired data types, perform a one-off data push to a remote service controlled by the malware owner.
While not terribly magical, such AI-powered capabilities would not only undermine all perimeter blacklist and enforcement technologies but also sandboxing and behavioral analysis detection.
Use of cognitive and conversational AI to monitor local-host email and chat traffic and to dynamically impersonate the user - The malware’s AI could insert new conversational content into email threads and ongoing chats with the objective of socially engineering other employees into disclosing secrets or prompting them to access malicious content.
Use of speech to text translation AI to capture user and work environment secrets -Through a physical microphone, the AI component could convert all discussions within the range of the compromised device to text.
These AI capabilities are commercially available today. Collectively or singularly, each AI capability can be embedded as code within malicious payloads. We at Scorpiones are getting ourselves prepared for such attacks in the near future, The baseline for defending against these attacks will lie in ensuring all parts of the organization are visible and continually monitored. In addition, Our CISO invests in tooling that brings speed and automation to threat discovery through AI-powered detection and response.
As malware writers harness AI for cybercrime, the security industry must push forward with a new generation of dissection and detonation technologies to prepare for this coming wave. A couple of promising areas for implementing defensive AI include threat intelligence mining and autonomous response.
Want our Red Team Operations to find the weak spots in your organization's security?Or maybe we should teach your employees how to protect themselves from Social Engineering attacks that may compromise your entire security system.Contact us now and we will find you the suitable strategy for your business.