Dan Goodin on Nostr: I'm curious to know what security professionals think of the new intelligence ...
I'm curious to know what security professionals think of the new intelligence assessment from the UK about AI increasing the number and impact of cyber attacks in the next 2 years.
Do you buy this assessment, or is it wrong? Why or why not?
https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat
Key points:
-- AI will almost certainly increase the volume and heighten the impact of cyber attacks over the next two years. However, the impact on the cyber threat will be uneven (see table 1).
-- The threat to 2025 comes from evolution and enhancement of existing tactics, techniques and procedures (TTPs).
-- All types of cyber threat actor – state and non-state, skilled and less skilled – are already using AI, to varying degrees.
-- AI provides capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient, and harder to detect.
-- More sophisticated uses of AI in cyber operations are highly likely to be restricted to threat actors with access to quality training data, significant expertise (in both AI and cyber), and resources. More advanced uses are unlikely to be realised before 2025.
-- AI will almost certainly make cyber attacks against the UK more impactful because threat actors will be able to analyse exfiltrated data faster and more effectively, and use it to train AI models.
-- AI lowers the barrier for novice cyber criminals, hackers-for-hire and hacktivists to carry out effective access and information gathering operations. This enhanced access will likely contribute to the global ransomware threat over the next two years.
-- Moving towards 2025 and beyond, commoditisation of AI-enabled capability in criminal and commercial markets will almost certainly make improved capability available to cyber crime and state actors.
Do you buy this assessment, or is it wrong? Why or why not?
https://www.ncsc.gov.uk/report/impact-of-ai-on-cyber-threat
Key points:
-- AI will almost certainly increase the volume and heighten the impact of cyber attacks over the next two years. However, the impact on the cyber threat will be uneven (see table 1).
-- The threat to 2025 comes from evolution and enhancement of existing tactics, techniques and procedures (TTPs).
-- All types of cyber threat actor – state and non-state, skilled and less skilled – are already using AI, to varying degrees.
-- AI provides capability uplift in reconnaissance and social engineering, almost certainly making both more effective, efficient, and harder to detect.
-- More sophisticated uses of AI in cyber operations are highly likely to be restricted to threat actors with access to quality training data, significant expertise (in both AI and cyber), and resources. More advanced uses are unlikely to be realised before 2025.
-- AI will almost certainly make cyber attacks against the UK more impactful because threat actors will be able to analyse exfiltrated data faster and more effectively, and use it to train AI models.
-- AI lowers the barrier for novice cyber criminals, hackers-for-hire and hacktivists to carry out effective access and information gathering operations. This enhanced access will likely contribute to the global ransomware threat over the next two years.
-- Moving towards 2025 and beyond, commoditisation of AI-enabled capability in criminal and commercial markets will almost certainly make improved capability available to cyber crime and state actors.