12 January 2025, Sun |
1:35 PM
12 January 2025, Sun |
1:35 PM
Positive Technologies has released an in-depth report highlighting the increasing use of artificial intelligence (AI) in cyberattacks. The report reveals that AI could potentially be utilized in all tactics outlined in the MITRE ATT&CK matrix and in 59% of its techniques.
Previously, AI was used in only 5% of these techniques, with another 17% showing feasibility. However, the rapid proliferation of AI tools is driving a surge in adoption by cybercriminals, who are leveraging the technology to enhance their capabilities.
Experts emphasize that within a year of ChatGPT-4’s release, phishing attacks increased by an alarming 1,265%. Analysts believe this trend will continue as AI enables attackers to automate tasks, simplify processes, and execute complex strategies with greater precision. The report highlights that hackers are already using AI to write malicious scripts, verify code, and automate malware development, allowing even novice cybercriminals to execute sophisticated attacks.
The misuse of AI-powered large language models (LLMs) is a growing concern. Developers are criticized for failing to implement sufficient safeguards to prevent hackers from generating malicious text, code, or instructions. This oversight has paved the way for AI-driven incidents to rise, as attackers use the technology to identify vulnerabilities, create phishing campaigns, and generate deepfakes. Analysts predict the emergence of specialized AI modules tailored for specific attack scenarios, potentially leading to fully automated cyberattacks that can independently identify and target new victims.
Positive Technologies notes that weak cybersecurity infrastructure in developing countries and the arms race between attackers and defenders are accelerating the adoption of AI in cybercrime. To combat these threats, the company recommends prioritizing vulnerability management, participating in bug bounty programs, and addressing detected flaws promptly to mitigate risk.
Roman Reznikov, Information Security Research Analyst at Positive Technologies, advises that AI-driven threats should not incite panic but rather drive action toward stronger defenses. He states, “The most logical way to counter AI-driven attacks is by leveraging even more efficient AI-powered defense tools.” Positive Technologies has developed solutions like MaxPatrol O2, an autopilot designed to detect and block attacker actions within infrastructure before they cause significant damage.
The report also highlights how Positive Technologies is integrating machine learning into its cybersecurity tools to address the growing sophistication of cyberattacks. Solutions such as MaxPatrol SIEM, PT Application Firewall, and PT Sandbox use AI to detect anomalies, identify zero-day vulnerabilities, and provide advanced protection against malware.
As AI continues to transform the cybersecurity landscape, organizations must adopt proactive measures to protect against evolving threats. AI-powered tools and timely vulnerability management are critical to staying ahead of cybercriminals and ensuring robust cybersecurity.
