LATEST INTELLIGENCE
Introduction
In discussions around the future of AI and cyberthreats,
we often wonder when we can expect to
see malicious or offensive AI attacks in the wild.
PRESENTED BY
While we have not yet seen conclusive evidence
of execution, this report will show that all the tools
and open-source research needed to facilitate an
AI-augmented attack exist today. Therefore, we
can anticipate that AI-driven cyber-attacks are
Download whitepaper
not years away, but a very real possibility in the
hereimmediate future.
AI-AUGMENTED ATTACKS
AND THE BATTLE OF
THE ALGORITHMS
This report will document an end-to-end attack
lifecycle, and how each stage could leverage
elements of the AI ‘toolkit’ to improve and
streamline the process. Attackers will, of course,
evolve their tools to drive efficiency gains, however
these tradecraft improvements are iterative and
do not happen all at once. Furthermore, while it is
likely that adversaries today are already leveraging AI in
some capacity to improve individual attack phases, this
report shows an end-to-end AI-driven attack purely as a
thought experiment.
Cyber-crime gangs: an enterprise model
To illustrate how AI can be used to aid offensive
capabilities, let’s imagine a group of professional hackers
dedicated to infiltrating a large organization.
The criminals view themselves as cyber mercenaries
working for the highest bidder, and have a team of
around 15 people working for them remotely. Different
members of the gang are specialized in different areas
of expertise – there are social engineers, malware
coders, hands-on intrusion operators, and post-breach
data analysts. Their crime-group is run like any other
enterprise – each person carries out a different task, and
in turn expects a return on their time investment. •
www.intelligentcio.com
INTELLIGENTCIO
21