How to combat increased cyber threats from AI

Virtual Private Network (VPN) service provider, NordVPN looks at how companies and individuals can guard against AI-powered cybercrime.

Artificial intelligence (AI) has become a game changer in many areas of our daily lives, including cybersecurity. With the rising use of new AI-driven tools like ChatGPT, the number of cyberattacks has doubled and became more sophisticated. Cybersecurity experts say that AI-powered cybersecurity tools could help protect your privacy in the new reality, but they are not a silver bullet.

“AI will not steal jobs from hackers, at least soon,” said Marijus Briedis, CTO at NordVPN.

“Cybercriminals are keen users of AI-driven tools, but it’s about improvement, not replacement. Hackers learned how to use AI to increase the capacity of their work and make their job easier, quicker, and more effective. The utilization of AI tools has facilitated the automation of a significant portion of phishing attacks, and it is anticipated that the frequency of such attacks will escalate in the future, posing a significant cybersecurity threat.”

There are several ways how hackers use AI to increase the success rate of their cybersecurity attacks.

Tailoring spear-phishing attacks 

The most common way cybercriminals use AI is to create personalised and convincing phishing attacks. Since AI can analyse vast amounts of publicly available data and better understand the target’s behaviour and preferences, AI-generated personalised phishing e-mails can be highly effective at deceiving individuals. Moreover, public information is not the only thing that popular AI tools have at their disposal. 

“As AI systems become more prevalent, there is an increased risk of mishandling or misusing sensitive data,” explained Briedis. “For example, if an employee of a certain company uses an AI tool to write a report from confidential information, the same data later could be used to create so-called spear-phishing attacks that are highly tailored to individual targets, increasing the likelihood of success. Once you get a phishing e-mail with information that is supposed to be confidential, there is a big chance that you will fall into the trap.”

Modifying malware in real-time

AI tools help hackers automate tasks like reconnaissance and crafting custom malware, making their attacks more efficient, difficult to detect, and large-scale. For example, AI-powered bots can conduct automated brute-force attacks, leading to an increased volume of attacks.

“Hackers also use AI to enforce malware attacks to evade traditional cybersecurity defenses,” said Briedis. “By using AI algorithms, attackers modify malware in real-time to avoid detection by antivirus and other security tools. With this kind of automation, hackers are seriously challenging traditional cybersecurity tools and exploiting their vulnerabilities.”  

How to mitigate cybersecurity risks posed by AI

While AI proved its effectiveness in improving cyberattacks, it could also be used to protect users, but it’s not a silver bullet. “Cybersecurity requires a multi-layered approach, including user education, regular software updates, strong passwords, and best security practices,” said Briedis.

How to mitigate cybersecurity risks posed by AI-driven attacks:

• Check the destination URL before clicking. The most common way to lure victims into downloading malware is through phishing emails that hide spoofed URLs and malicious files. AI-generated tailor-made phishing emails might be hard to distinguish. But instead of clicking the link, hover your mouse on the button first to see the destination URL. Check if it looks legitimate and – this is important – if it contains the “https” part.

• Double-check the legitimacy of an e-mail. If you receive an e-mail from somebody you know, think twice before clicking any links. Is it typical of this person to send an email? If not, contact them via phone, social media, or other channels to confirm the legitimacy.

• Use a reliable antivirus. Users should choose an antivirus with advanced protection against malware, spyware, and viruses. An antivirus program will detect and neutralise malicious threats before they do any harm. For example, NordVPN’s Threat Protection feature neutralises cyber threats, like malware-ridden files or malicious websites, before they can damage your device.

• Enable a firewall. A firewall protects the system by monitoring the network traffic and blocking suspicious connections. Users should have security settings and ensure the computer’s inbuilt firewall is running.

• Stay secure on public Wi-Fi using a VPN. Public Wi-Fi networks are highly vulnerable to hacking. Cybercriminals often target people at free hotspots and try to slip malware into their devices. Users should always use a VPN to secure their Wi-Fi connection and protect themselves from unwanted snoopers.