October is cybersecurity month, and it’s more important than ever for companies to ramp up their cybersecurity efforts. That’s especially as AI is entering the mix, being used for productivity, but also nefariously to generate malware. According to evidence provided by HP Wolf’s Threat Insights Report for September 2024, which was presented at the company’s HP Imagine conference in Palo Alto, CA last month, attackers are using AI to generate malware, requiring upskilling among professionals to get a better handle on the situation.
The top threat vectors, according to HP Sure Click identifications, include e-mail attachments at 61%, browser downloads at 18%, and other infection vectors, like removable storage (think a USB thumb drive or file shares) at 21%.
How Cybersecurity Attackers Are Using AI And Why It’s Important
The report found that attackers are using generative AI to help them write malicious code to embed in things like Scalable Vector Images ( SVG) images. They can be spread through malvertising and generate rogue PDF tools that look like they are professional and legitimate.
HP’s research team was able to identify, for example, a campaign that was targeting French speakers. It used malware that HP believes was written with the help of GenAI tools. They were able to discern this through its structure, with every line of code and native language function names and variables suggesting that GenAI was used.
This is especially dangerous because the use of AI can help accelerate attacks and makes it easier for all types of cybercriminals to infect various endpoints. This includes even individuals with no coding experience. As these attacks get more sophisticated, victims are being directed to websites with fake tools, driven to install fake applications as MSI files, and creates browser extensions that give attackers full control over your browsing session. In some case, HP found that attackers are using SVG vector images to smuggle malware. Once a user opens a webpage with the SVG image and it’s viewed, it can lead to the installation of harmful malware.
Patrick Schläpfer, Principal Threat Researcher at the HP Security Lab, says this finding is significant. “Typically, attackers like to obscure their intentions to avoid revealing their methods, so this behaviour indicates an AI assistant was used to help write their code.” Because of this, he adds, it “further lowers the barrier to entry for threat actors, allowing novices without coding skills to write scripts, develop infection chains, and launch more damaging effects.”
What Can Businesses Do To Protect Themselves?
All the same tips about ramping up security, training both IT personnel and employees, and running periodic checks remain as important as they ever were. But now with AI in the mix, companies need to be more diligent than ever about keeping an eye on potential threats.
For business and personal users, alike, manufacturers like HP are building better security into their latest laptops, including measures that incorporate AI. HP’s new EliteBook X AI laptop, for example, comes with McAfee Smart AI Deepfake Detector that can detect AI-generated audio. It will then warn you if it thinks you are receiving fraudulent data or misinformation. It also features quantum hack protection with Wolf Security and HP’s Endpoint Security Controller to help protect the laptop against future threats.
The latest Lenovo ThinkPad AI PCs, like the ThinkPad X1 Carbon Gen 13 Aura Edition that was launched at IFA 2024 in Berlin earlier this Fall, include the company’s ThinkShield solutions, which involve AI-powered endpoint protection for threats that exist from the OS to the cloud. The addition of SentinelOne’s Singularity Platform and AI technology adds another layer of protection with automatic threat detection and response.
It comes down to upgrading both the back-end security systems and the hardware. The latest generation of AI PCs offer more than just cool tools that can make your job easier. They often include advanced cybersecurity to ironically combat threats created by the very same technology they also leverage for good.
“Threat actors are constantly updating their methods, whether it’s using AI to enhance attacks or creating functioning-but malicious tools to bypass detection,” says Dr. Ian Pratt, Global Head of Security for Personal Systems at HP, Inc. “So, businesses must build resilience, closing off as many common attack routes possible. Adopting a defense-in-depth strategy, including isolating high-risk activities like opening e-mail attachments or web downloads, helps to minimize the attack surface and neutralize the risk of infection.”
-30-
More articles on