Hackers are using artificial intelligence (AI) capabilities to conduct attacks against physical infrastructures, which could threaten vital services and commerce.
The FBI recently alerted Congress that hackers from China have penetrated deeply into the United States cyberinfrastructure, aiming to inflict harm. Hackers supported by the Chinese government are focusing their attacks on critical infrastructure, including water treatment facilities, electrical systems, and oil and natural gas pipelines. Experts say the Chinese operations are a sign of the growing use of AI for cyberattacks and could affect the functioning of businesses.
Cybercrime rates are escalating, with experts warning that the expanding deployment of AI in cyberattacks poses a significant risk to business operations. This trend underscores the urgent need for companies to bolster their cybersecurity measures in response to these sophisticated threats.
“AI, in a way, gives us all superpowers,” Luke Plaster, chief security architect at the cybersecurity firm io.finnet, told PYMNTS in an interview. “Unfortunately, that means malicious invaders are now able to leverage a new combination of social engineering tactics and tools like large language models [LLMs] to craft more effective attacks.
“For example, LLMs can generate convincing spear-phishing emails to gain initial access, and then are followed up by AI-produced malware to exploit vulnerabilities and escalate an attacker’s privileges.”
Criminals can now use AI to automate malware creation on just about anything connected to the internet, Antonio Sanchez, principal evangelist at the cybersecurity provider Fortra, told PYMNTS in an interview. He added, “A bad actor could use AI to create code that would disable machines or operate at dangerous levels, causing catastrophic results.”
Cyberattacks against infrastructure aren’t just a hypothetical threat. The 2021 attack on the Colonial Pipeline showed how harmful ransomware can be to essential services, causing significant disruptions, Plaster said. Similarly, when hackers hit Ukraine’s power network, it showed they could attack the systems controlling industries, leading to extensive power outages.
A recent deepfake incident where a finance worker was tricked into authorizing a $25 million transfer reveals an “alarming evolution” in cyber-physical attack techniques, Plaster noted.
“Attackers are leveraging AI to craft highly convincing deepfakes capable of deceiving even the most vigilant individuals,” Plaster said. “These examples underscore the need for organizations to continually reassess their defenses against these multifaceted and sophisticated threats.”
Part of the problem is that cyber-physical systems are often aging. They typically use technology and protocols created in the 1970s and 1980s and were designed with something other than security in mind, neglecting typical security measures like encryption, integrity checks and authentication, Patrick Gillespie, practice lead, Operations Technology at GuidePoint Security, told PYMNTS in an interview.
“Retrofitting or redesigning these systems to include basic security controls presents significant challenges and can be costly,” he added.
While AI provides attackers with powerful tools, it can also serve as a formidable ally in defense. AI is revolutionizing how security teams manage cyberthreats, enhancing the speed and efficiency of their operations. AI streamlines the early phases of an incident investigation by sifting through large volumes of data and spotting intricate patterns. These advanced techniques provide security experts with a comprehensive overview of the situation from the start, thereby accelerating the response process.
Cybersecurity workers are using AI not only to guard against AI-powered cyberattacks but also to enhance predictive analytics, improve threat detection, refine investigation methods, assist with AI copilots, and automate workflows.
“Organizations produce massive amounts of security-relevant data daily, which can be almost incomprehensible to the human mind,” Adam Geller, the CEO of the security company Exabeam, told PYMNTS in an interview. “However, GenAI and machine learning (ML) offer some of the best technologies for identifying patterns in these data stores.”
AI can also help businesses by transforming patch management, which strengthens software defenses against cyberattacks by updating to the latest version. Recent data breaches have shown the inefficiencies and outdated nature of traditional methods, which require a lot of manual work, Josh Aaron, the CEO of Aiden Technologies, told PYMNTS in an interview.
“AI-powered tools that are helping firms detect and reverse software attacks include advanced solutions like AI-based hyper-automation,” he added. “These tools go beyond traditional patch management methods, offering enhanced efficiency, security, and compliance in addressing evolving digital threats.
“Embracing AI and hyper-automation allows organizations to not only safeguard their digital assets but also elevate workforce efficiency and engagement in a rapidly changing digital landscape.”
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More