Generative AI aids hackers in entering high-risk systems

AI tools are misused by cybercriminals.

Generative AI has not only unlocked new potentials for innovation but has also provided cybercriminals with tools to enhance their malicious activities, according to Jeremy Pizzala, EY Asia Pacific’s Cybersecurity Consulting Leader.

"Generative AI is able to help bad hackers develop malware on the fly," explained Pizzala. According to him, cybercriminals can use AI to produce ransomware or other types of malware simply by using the right prompts, a process known as 'prompt poisoning'. 

He said that generative AI is being employed to craft highly convincing phishing and spear phishing emails with excellent grammar.

In response to these advanced threats, Pizzala underscored the importance of robust cybersecurity measures. Organisations are advised to bolster their defences by maintaining strong threat detection and response capabilities, including a mature security operations centre that utilises threat intelligence and automation.

Another strategy is the implementation of comprehensive identity and access management programs, particularly around privileged identities. "Zero trust is very important, ensuring that people and devices have zero trust as they traverse through your network and your applications," he stated.

Pizzala pointed out that technologies like machine learning, deep learning, and even generative AI itself can be powerful allies for cyber defenders. These technologies can enhance the ability to detect and respond to cyber threats more efficiently.

Pizzala also clarified the concept of "shifting left" in cybersecurity, which emphasises the integration of security measures at the early stages of technology or business transformation projects, especially in the development of new applications. 

“So an application is highly secure, because what we see today, unfortunately, is security to the right, which means that, often, security has been forgotten at the time of design and build of applications, and therefore makes it much easier for hackers and other cyber malicious actors to gain access,” he explained.