The UK’s National Cyber ​​Security Center (NCSC) has issued a warning about the impact artificial intelligence tools will have on global cyber security, intensifying threats which come from the most dangerous attacks such as ransomware or phishing and in general as an invaluable aid in the generation of malware.

Artificial intelligence will be a big name in global technology in 2024, and you’ll see it promoted as an “enhancement” of any type of product or service. ‘Even in the soup’ yes, but maybe in noxious broths. And that’s it regulate artificial intelligence technologies It should have been a priority, as the world’s leading experts have demanded on several occasions. But once again, we have done nothing and these technologies are rampant without anyone knowing what stage we are at and how we will turn out. As far as we are concerned today, AI and cybercrime, those who know where they are going are cybercriminals…

Ever since generative AI reached the general public, it has been widely used for Deepfakes, fake news and spam. And such a dangerous development was born as WormGPT, a chatbot of the ChatGPT type, but designed specifically to make it easier for cybercriminals to fulfill their “tasks”. It was sold on Deep Internet forums, confirming the capacity of AI for malicious purposes as well. And that’s just the tip of the iceberg.

AI and Cybercrime

Cybercriminals are ahead of everyone on the Internet, and few can be surprised that they use the most advanced technologies. The NCSC warning is convenient and ends with a few points to consider. One of them is AI technologies allows the number of cybercriminals to increase. Inexperienced people, hackers for hire and low-skilled hacktivists who can perform more effective and personalized attacks that would otherwise require a lot of time, technical knowledge and operational effort.

It should be said that most of the large learning model (LLM) platforms available, such as ChatGPT and Bing Chat, have protections that prevent the platform from creating malicious content. However, the NCSC warns that cybercriminals are creating and marketing specialized generative AI services designed specifically to support criminal activities, such as the aforementioned WormGPT. According to the British agency, there are indications of this Artificial intelligence has already escaped the confines of safe and controlled frameworkswhich becomes available in the wider criminal ecosystem.

“Cybercriminals, including ransomware developers (the biggest threat), are already using AI to increase the efficiency and effectiveness of various aspects of cyber operations, such as reconnaissance, phishing and encryption.they warn.

And not only inexperienced people will use it. The agency noted that artificial intelligence will help create sophisticated APTs that will more easily and quickly generate evasive custom malware. “AI has the potential to generate malware that could evade detection by current security filters”. and in the case of so-called national attacks “There is a real possibility that highly trained states will have a malware repository large enough to effectively train an AI model for these purposes.”.

As a result, mid-level hackers will gain advantages primarily in reconnaissance, social engineering, and data mining, while less skilled threat actors will see their “performance” improved almost across the board.

The report states that AI’s role in the cyber risk landscape is expected to be evolutionary, reinforcing existing threats rather than being a transformative phenomenon. Still, the NCSC warns that generative AI and large language models will make it very difficult for anyone, regardless of experience and skill level, to Identify phishing, spoofing and social engineering attempts.