Deepfakes to hacking-for-hire: generative AI’s impact on the cyber threat landscape
Published
Read time
- Gen AI is a major emerging risk in cyber security – Howden experts explore its impact in our 2024 Cyber insurance report: risk, resilience and relevance
- The technology is increasing the risk of sophisticated attacks by advanced groups, and lowering the barriers to entry for less skilled hackers
- AI-driven cyber defences are developing rapidly and can be used with existing risk controls to increase resilience to threats
Watch a short interview on Gen AI with Julian Alovisi, Head of Research, and Shay Simkin, Global Head of Cyber (57 seconds)
Imagine joining an important video call with senior leaders in your business. It looks like them. It sounds like them. Except they’re asking you to do something… alarming.
That’s what happened to one employee at a major advertising group earlier this year when they were targeted with a sophisticated deepfake scam, which used a voice clone and YouTube video footage in an attempt to solicit money and personal details.
The fraudsters were unsuccessful that time, but another major international firm was not so lucky. They lost US$25 million when criminals used a digital clone of the company’s CFO to trick staff into ordering money transfers during a video conference.
Stories like these underline the growing threat of Gen AI in the hands of cyber criminals – a rapidly evolving security issue that should be high up on the agenda for businesses and insurers.
The impact of this emerging technology – both the risks and the opportunities – is explored in depth by Howden experts in our 2024 Cyber insurance: risk, resilience and relevance report.
Read the report.
New threats
While deepfakes capture the headlines, our research shows that Gen AI’s impact on the threat landscape will be highly nuanced.
It’s likely to enable more advanced attacks from sophisticated actors, while lowering barriers to entry for novice hackers. This could lead to an increase in the frequency, severity and aggregation of attacks.
The good news is new AI-driven defences are developing at pace and can be deployed by companies alongside existing risk controls to increase resilience to threats.
[Gen AI is] probably the biggest revolution that we will see in our lifetime.
Risks increasing across the spectrum
Our research points to two key Gen AI trends set to shape the future of cyber.
Firstly, state-backed threat actors will look to deploy Gen AI to increase the effectiveness and scale of their activity. Motivated by geopolitical objectives, they are likely to use these new technologies to sharpen their tactics, techniques and procedures. This includes using large language models (LLM) to make established hacking activities easier, with one Russian gang, for example, using AI to conduct reconnaissance on satellites.
Secondly, commercial hackers’ enhanced capabilities could have an impact on the claims landscape – by pushing up the potential aggregation, severity and frequency of claims in predictable areas.
Organised crime and more technologically advanced groups will use AI to enhance their capabilities – allowing them to focus on lucrative hacking against companies that will pay big ransoms. This could mean a significant increase in the severity of a small number of claims.
At the other end of the spectrum, AI is lowering the barriers to entry into cyber criminality. Less-skilled hackers will gain the biggest uplift in their capabilities with new access to tools, code and intelligence. This AI-driven democratisation of hacking could lead to a rise in the frequency of low-level claims.
Highly capable state actors backed by nation states are more likely to be deployed on conflict and geopolitical goals, and so pose less concern to business and insurers. But insurers should be aware that Gen AI can be used to enhance malware capabilities – and should priorities change, this could lead to increased risk of spillover and loss aggregation.
Gen AI improving defences
How companies respond to these new threats will determine the impact of AI-fuelled cyber attacks and the resulting insurance losses.
Encouragingly, current defences should be strong enough to withstand the increase in relatively straightforward and predictable attacks.
Cyber experts are also excited about Gen AI’s ability to reinforce defences across a number of areas. And there are already use cases that stand out as both powerful and achievable.
They include pre-release software scanning where software developers are using AI to scan code for vulnerabilities before release – robbing hackers of the critical lag time between release and code fixing, which they often exploit.
Another exciting application is in threat hunting, with analysts using AI to help them probe the network faster and more accurately for threat actors who may have slipped in, including training LLMs to flag suspicious activity, such as spikes in network volumes.
Companies should be prepared
There’s growing evidence that AI will accelerate cyber attacks over the next one to three years.
Companies should be prepared for an increase in new and more sophisticated approaches, as well as attacks on more established vectors.
But it’s not all doom and gloom: there are proven, effective mitigating factors out there.
Staff education and awareness, vulnerability scanning and penetration testing and more can make all the difference.
