The biggest cybersecurity risk from the increasing use of artificial intelligence (AI) tools is an escalated volume of attacks, according to findings from BlueVoyant’s second external cyber defense trends report.
In a statement today (Feb 13), cybersecurity company BlueVoyant highlights the new risks organisations face from outside the traditional IT perimeters based on the observations from BlueVoyant digital and third-party risk analysts.
BlueVoyant’s threat intelligence global head Ron Feler said while the essential of the attacks don’ change, the increased number and diversity of attacks make defenders’s jobs more challenging.
It said cyber criminals capitalised on generative AI to create more effective phishing campaigns.
“In recent months our analysts have seen more and more of these dark web markets entering the world of OpenAI by offering hundreds of thousands of compromised ChatGPT credentials for sale.
“Most of these credentials are harvested from non-secure personal devices by a family of malware known as InfoStealers. Some users sign up for AI services with their corporate logins.
“If these credentials are compromised, hackers can potentially access corporate networks,” the report added.
The 2024 report said cyber criminals are exploring the use of AI through malicious variations of ChatGPT such as WormGPT that facilitate cybercrime, using AI in various ways such as to create malicious code and sophisticated social engineering such as drafting fake email for phishing campaign.
Besides using AI tools, the report found that cybercriminals are also using online ads as an attack vector to lure unsuspecting victims to malicious websites impersonating large financial institutions in the United States, United Kingdom, and Eastern Europe.
“There is also a need for better email security as many organisations are not enabling all key components that secure the authenticity and integrity of the messages, which could leave them susceptible to email-based threats,” it added.
The report also highlighted the continued need to patch quicker, as there is a continued quicker exploitation of new vulnerabilities.
“In the first report, BlueVoyant found that organisations were often slow to patch systems even as attackers were exploiting new vulnerabilities faster.
“Now, the exploitation of vulnerabilities is happening even faster, prompting a high-stakes race between threat actors and defenders after a disclosure.”
The report also entailed best practices for holistic external defense and continuity for organisations which include building comprehensive defenses, monitoring for suspicious search engine ads, employing timely patching and addressing email security.
BlueVoyant’s global head of supply chain defence Joel Molinoff said organisations’ attack surfaces are ever expanding, and cyber threat actors are adapting their strategies to exploit new avenues of vulnerabilities.
“We undertook this research to shine a light on the attack vectors organisations need to be aware of and recommended actions to help prevent the latest threats.”
The research was completed using trend data queries from BlueVoyant’s Supply Chain Defence and Digital Risk Protection solutions, the cybersecurity firm added.
