Business Insider started an article with the following: "Imagine you've got a meeting with a client, and shortly before you leave, they send you over a confirmation and a map with directions to where you're planning to meet. It all looks normal — but the entire message was actually written by a piece of smart malware mimicking the client's email mannerisms, with a virus attached to the map.
It sounds pretty far out — and it is, for now. But that's the direction that Dave Palmer, director of technology at cybersecurity firm Darktrace, thinks the arms race between hackers and security firms is heading.
As artificial intelligence becomes more and more sophisticated, Palmer told Business Insider in an interview at the FT Cybersecurity Summit in London in September, it will inevitably find its way into malware — with potentially disastrous results for the businesses and individuals that hackers target." End quote.
Tweet #CyberAwareOK, is this just another horror story to scare you into buying Darktrace products?
Not so much. Darktrace uses AI to defend networks. They know how to harness AI, and use it for good. But you can bet that the bad guys are in research mode at the moment, and will start adding AI to malware in the next few years.
Ransomware weaponized with AI could turbocharge the damage done, for instance stay in sleep mode until a large part of the network is penetrated and then suddenly encrypt all systems in one fell swoop.
AI's can now write newspaper articles, think about what can happen when AI's learn to emulate someone's writing style and send out spear-phishing messages using social engineering tactics. So AI-infused malware can infect the CEO's workstation. read through their email, learn how they communicate and then mimic their style to infect other high-target employees.
Think CEO Fraud on steroids.
The FBI estimates that such attacks have cost businesses $2.3 billion over the last three years. And let's not even think about "dark side AI" being able to cause subtle database corruption that will influence business decision making.
However, as Darktrace is doing, you can also use AI for good purposes. and that is why I am lifting a little bit of the veil here. KnowBe4 has been working hard over the last 9 months building an infrastructure to harness artificial intelligence and help your employees make smarter security decisions.
Meet AIDA – your smart sidekick that trains your employees to make smarter security decisions.
AIDA stands for Artificial Intelligence Driven Agent and uses artificial intelligence to dynamically create integrated campaigns that send emails, text and voicemail to an employee, simulating a multi-vector social engineering attack.
AIDA attempts to have the employee either click on a phishing link, tap on a link in a text message, or respond to a voice mail – any of which could compromise your network. In short, AIDA uses Artificial Intelligence to inoculate your employees against social engineering.
If you want to learn more about AIDA and participate in an early beta, read this.
