At cybersecurity’s largest annual gathering, RSA Conference, in San Francisco from May 6-9, thousands of guests from experts, vendors, analysts, practitioners and journalists will discuss the evolution of cybersecurity products, user needs, evolving threat landscape and market shifts. There will be continued discussions around the decrease in venture capital funding in the space since the massive infusion in 2021. Vendors will tout their AI-based cybersecurity offerings that can predict, detect and prevent attacks. And government agencies and industry leaders will discuss legislative efforts. However, I look forward to the discussions about how the industry will adjust to bad actors using AI to deliver more targeted and sophisticated attacks.
While only a handful of sessions explicitly mention bad actors' use of AI, a quick scan of the news shows more and more stories are being written about the different types of attacks over the last year that will surely be top of mind of CSOs and CISOs. Recent stories around this topic include:
- The Oligo research team has shared an active attack campaign targeting a vulnerability in Ray, a widely used open-source AI framework. This impacts companies and servers running AI infrastructure, allowing attackers to take over the companies' computing power and leak sensitive data. Many LLMs are built on this framework (source: VentureBeat)
- The US Department of Treasury shares the current state of AI-based attacks targeting financial services. This includes realistically mimicking voice to impersonate customers at financial institutions to access accounts and using AI to craft increasingly sophisticated email phishing attacks with better formatting and fewer typos.
- FBI Director Chris Wray (source: CNBC) warning of cyber-physical attacks leveraging AI to target critical infrastructure such as water treatment plans, the electrical grid and transportation systems. MIT researchers say these attacks can trigger fires and explosions or take systems offline.
- Microsoft reported (source: New York Times) the tracking of hacking groups affiliated with Russian military intelligence, Iran's Revolutionary Guard, and the Chinese and North Korean governments using AI for spying.
What used to require some skill, whether bartering on the dark web, collaboration or organized criminal rings, is no longer the case as AI has leveled the playing field. CrowdStrike CEO George Kurtz told Jim Cramer that cybercriminals have access to advanced generative artificial intelligence that democratizes “very esoteric techniques and attacks” for adversaries who don’t have the same sophistication or skill level.
At the same time, enterprises are trying to overcome talent shortage gaps and facing tighter overall IT budget restraints. Meanwhile, cybersecurity vendors are beefing up their defense mechanisms using AI, but bad actors are also experimenting and honing their skills to evade AI-based cybersecurity products and entry points. There are hundreds of companies with brilliant solutions that address different aspects of cybersecurity defenses with AI, while some are using marketing to hype their solutions.
As organizations and CSOs place greater importance on the ability to observe, detect, and defend against attacks in real-time, comprehensive solutions and ecosystems that can truly adapt to this constantly evolving threat environment will win out.
What has been clear throughout history is that the cybersecurity community continues to evolve with innovative thinking, new approaches, and compelling solutions to thwart bad actor activity. Here at Treble, we have many decades of experience working with smart people, including venture capitalists, board members, entrepreneurs and practitioners in cybersecurity and beyond. If you are a company doing something truly innovative in this space, we’d love to support you on your journey. Please feel free to reach out to see how we can work together!