Gen AI in Cybersecurity

The high-stakes chess between cybersecurity teams and hackers is constantly escalating, with Gen AI playing on both sides of the field. On the one hand, Gen AI is helping threats morph at breakneck speed in the digital underworld. On the other hand, Businesses can leverage Gen AI to prevent, detect, and combat these threats with zero tolerance. While the hackers need just one of their attacks to succeed, security teams need to neutralize every single shot aimed at them. Clearly, for enterprises, playing defense¹ is no longer sufficient; they need to predict—and deflect—the next move.

In this article, we discuss common cyber attacks and how Gen AI’s inherent capabilities are equipped to counter these attacks. We will also discuss how security teams’ Gen AI vs hackers’ Gen AI pans out.

You receive an email that appears legitimate, but the tone or a suspicious link gives you pause. This could be a phishing scam, where cybercriminals trick people into revealing personal information. In the U.S. alone, there were over 500 million attacks³, over 500 million attacks, and a loss of over $ 50 million due to these scams last year. As phishing becomes more sophisticated, traditional signs like poor grammar and spelling errors are disappearing, making it difficult for human eyes to spot them. Gen AI steps in here, utilizing its natural language processing to spot anomalies in communication, boasting a 96.2% success rate⁴ in identifying such scams.

Take, for instance, your finance team gets an invoice that has slightly unusual details. Gen AI can compare these against vast data sets, alerting the team to potential risks before any payments are processed.

Malware, or malicious software, can infiltrate a network with just a simple click on a suspicious link or email attachment. Traditional antivirus software, with its reactive approach, often leaves us a step behind emerging threats. Here, Gen AI offers a more proactive solution. Leveraging advanced machine learning, it continuously monitors and analyzes behavior within your software environment. For example, in a complex supply chain network involving multiple vendors, Gen AI is constantly vigilant. Upon detecting an anomaly – like a vendor’s software behaving unexpectedly – it responds immediately, isolating the issue to prevent widespread impact across the network. Security analysts can use this malware to analyze its behavior in a secure sandbox, expose their security system’s vulnerabilities, and understand the extent of damage that can occur.

Ransomware locks away an organization’s data or systems until a ransom is paid. Recently, the notorious LockBit gang⁵ targeted Boeing, publicly declaring the theft of a vast amount of sensitive data on their leak site. Despite negotiations, LockBit went on to release a portion of the stolen data. This breach spotlights the harsh reality: no entity, not even a tech giant, is immune to ransomware — risking operational chaos and severe blows to both confidentiality and corporate credibility. Gen AI can enhance predictive models⁶ to identify the early signs of ransomware behavior, such as rapid encryption of files, and stop it before it takes hold.

Vishing, or voice phishing, uses phone calls to trick individuals into surrendering private information. Deepfakes use AI to create convincing fake audio or video content⁷. Gen AI counters this by being trained to detect the subtle signs8 that content has been manipulated, like inconsistencies in facial movements or audio that doesn’t quite match lip movements.

Imagine a video circulating seemingly from the CEO, announcing that a key executive is exiting the company or declaring bankruptcy. That would cause a ripple effect of a fall in stock prices and market manipulation. A Gen AI system trained to recognize the CEO’s speech and mannerisms could analyze the video, identify it as a deepfake, and alert employees not to act on the instructions.

Is Gen AI defense stronger than Gen AI attack? Who will win in this technological tug-of-war?

Consider this. Phishing emails used to stand out with their bad grammar and spelling errors. Now, hackers are using OpenAI’s ChatGPT to write better phishing emails. They are improving the language, making it harder to spot. This is just the start, though. Ask the experts, and many say that Gen AI seems to be giving the bad guys an upper hand right now. But in the long run, it will benefit defense teams more.

Does that mean we lose this Gen AI vs Gen AI battle? Fortunately, enterprises don’t rely solely on Gen AI for security. They employ a layered approach, or in-depth defense, which includes other technologies and human oversight. Even if Gen AI-generated threats bypass one layer, others may still catch them.

The most effective cybersecurity systems involve collaboration between AI and human experts. Gen AI aids humans in identifying potential threats, but human intuition and experience play critical roles in interpreting and responding to those threats, providing a check against AI-generated attacks that might otherwise slip through.

Disclaimer Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the respective institutions or funding agencies

1. https://www.forbes.com/sites/forbestechcouncil/2023/09/25/harnessing-genai-building-cyber-resilience-against-offensive-ai/?sh=1bb64dc78ed0
2. https://www.forbes.com/advisor/business/phishing-statistics/
3. https://securityweek.com/ransomware-group-leaks-files-allegedly-stolen-from-boeing/
4. https://www.turing.com/resources/generative-ai-enhances-cybersecurity
5. https://www.washingtonpost.com/technology/2023/03/05/ai-voice-scam/