The National Cyber Security Centre (NCSC) in the United Kingdom has expressed concerns regarding the potential negative implications of artificial intelligence (AI) tools on cybersecurity, especially concerning the growing threat of ransomware.
According to the NCSC, cybercriminals are progressively utilizing AI for malicious purposes, a trend expected to intensify in the coming years, resulting in more frequent and severe cyber assaults.
The advancement of AI is anticipated to enable less proficient hacktivists, hackers-for-hire, and untrained threat actors to carry out more precise and sophisticated attacks with increased ease, circumventing the necessity for extensive time, technical expertise, or operational resources.
While prominent large learning model (LLM) platforms such as ChatGPT and Bing Chat have integrated security protocols to counter the generation of harmful content, the NCSC alerts that cybercriminals are actively creating and distributing specialized AI services to support illicit activities. For example, WormGPT, a fee-based LLM service, empowers threat actors to produce detrimental content like malware and phishing lures.
This transition signifies that such technology is now readily available within the wider illicit ecosystem, surpassing controlled and secure frameworks. The NCSC stresses a specific threat evaluation, emphasizing that threat actors, including malware operators, are already utilizing AI to enhance the effectiveness of various cyber operations like reconnaissance, phishing, and coding.
The NCSC’s assessment highlights several key points:
- AI is set to increase the frequency of cyber assaults in the next couple of years, impacting current defense strategies.
- Both seasoned and inexperienced digital threat actors are leveraging AI, encompassing state and non-state entities.
- AI boosts social engineering and surveillance techniques, making them more potent and challenging to detect.
- Sophisticated AI in digital activities is likely to be restricted to actors with access to high-quality data, expertise, and resources until 2025.
- AI’s capacity to expedite data analysis and model training will magnify the repercussions of cyberattacks on the UK.
- AI’s accessibility diminishes obstacles for novice fraudsters, heightening the global ransomware threat.
- The proliferation of AI capabilities is predicted to enhance the availability of state-of-the-art tools for state actors and cybercriminals by 2025.
The NCSC foresees that AI will enable advanced threat actors to rapidly devise intricate custom malware that eludes existing security frameworks. While less skilled actors will benefit in various aspects, intermediate-level hackers may witness improvements in reconnaissance, social engineering, and data retrieval.
Moreover, AI is expected to fortify malware creation, vulnerability exploration, and lateral movement efficiency, primarily benefiting adept threat actors. Despite these advancements, human expertise will continue to be indispensable in these domains in the foreseeable future.
In summary, the NCSC warns that recognizing phishing, spoofing, and social engineering attempts will become progressively arduous for individuals of all proficiency levels due to the emergence of conceptual AI and large language models.
