2023 was definitely the year that AI became a household name. We’ve barely seen what artificial intelligence is capable of, and while industries are still coming up with more ways to use the technology, we’ve already seen countless examples of how people want to take advantage of AI for less savory purposes. 2024 is already shaping up to be the year that businesses need to protect themselves from AI-generated cybersecurity threats. Let’s take a look at everything you need to know as a business owner.
In case you haven’t been caught up, the tech world has been shifted by some new technology that uses vast amounts of information and complex algorithms to generate human-like text. In the simplest terms possible, engineers wrote a piece of software that was designed to “train” itself by reading a massive amount of text from the Internet. It read about 300 billion words from books, social media sites, news articles, and plenty of other types of content. Because it was able to absorb and index so much information, users can ask it questions and it can understand and respond to those questions in plain English (or Spanish, French, German, Italian, Portuguese, and more).
This is called a Large Language Model, or LLM, and the most popular version of this right now is called ChatGPT. Most people commonly refer to this technology and other similar types of systems as artificial intelligence (AI).
These systems can do some pretty remarkable things. They can answer questions quickly, and generate large amounts of content on a topic very fast. You can “brainstorm” ideas with it, and then ask it to give you a task list for everything discussed. AI has been a great resource for software developers, as it can be used to quickly find security vulnerabilities in vast amounts of code before cybercriminals can exploit them.
And that’s where the problem lies.
Paleontologists have determined that the earliest use of the bow and arrow happened about 60,000-70,000 years ago in South Africa. It’s suspected that this groundbreaking (at the time) device was used for hunting. Obviously we will never be able to pinpoint exactly when or how this happened, but at some point, the world experienced the first prehistoric person drawing a bow and arrow on a fellow prehistoric person.
This has been the cycle for technology ever since, and when something new emerges, someone is going to figure out how to use it to cause trouble. Over the last several years, we’ve even seen the so-called troublemakers adopt modern technology even faster than the general population in some cases.
This is happening with AI. Cybercriminals are able to use AI to become much more effective. They can use AI to find vulnerabilities in software before developers are able to provide security patches. They can use AI to write phishing emails that are even more convincing and effective. They can use AI to write malware that is more devastating and infectious.
Cybersecurity has always been a virtual arms race, and AI kicks things into overdrive. To stick with our theme, cybercriminals from 20 years ago were using the bow and arrow, and now with AI and other modern tactics, they have supersonic fighter jets. Businesses and individuals need to be even more vigilant about protecting their data.
We all always talk about cybercriminals and hackers as if they are lone wolf anarchists sitting in a dark basement, drinking store-brand Mountain Dew, wearing a dirty hoodie, and staring into a bunch of screens with green matrix code.
The reality is that most cybercriminals treat their work like a business.
They are always working on getting the most profit for the least amount of effort; they follow and repeat successful campaigns and revamp things that don’t work.
But that’s not the worst part.
Over the last few years, it’s been uncovered that a lot of scammers and cybercriminals are actually trafficked people, forced to follow scam playbooks in order to pay off their captors and regain freedom. In some cases, when you get a scam phone call or text message or phishing email, it’s coming from a victim of human trafficking.
There are entire compounds that house thousands of people, tricked away from their homes and families and essentially imprisoned to try to scam individuals and businesses. CNN recently did an incredibly eye-opening article that is worth checking out, but be warned, there is some disturbing content.
This gets us a little off topic when it comes to how AI is being used by cybercriminals, but we feel that it’s extremely important to raise awareness about these types of operations, and just how intense they are both in scale and misery. Cybersecurity is an industry all on its own, and every time an individual or organization gets scammed, it fuels something that is causing a lot more harm than simply forcing a business to its knees or stealing thousands of dollars.
Between AI, social engineering scams, and a growing industry of reprehensible cybercriminals, doing your part in protecting your business and yourself from cyberthreats will go a long way in ensuring that you can be successful.
SouthBridge Consulting LLC can help your business establish a culture of cybersecurity, and implement the tools you need to prevent threats. Get started with a cybersecurity audit—give us a call at (281) 816-6430 to get things kicked off.
When you subscribe to the blog, we will send you an e-mail when there are new updates on the site so you wouldn't miss them.