Cybercriminals Harness the Power of Generative AI to Launch BEC Attacks
Introduction
The world of cybercrime is constantly evolving, and the latest development is the use of generative AI technology to aid malicious activities. Specifically, cybercriminals have employed a tool called WormGPT, which is essentially a blackhat alternative to the widely known GPT models. WormGPT has been trained on various data sources, with a particular focus on malware-related data. The tool is capable of generating human-like text based on the input it receives, enabling cybercriminals to create highly convincing fake emails. This development underscores the alarming threat posed by generative AI technology, even in the hands of novice criminals.
The Power of WormGPT
A recent report from SlashNext discussed the potential risks associated with WormGPT, particularly in the context of Business Email Compromise (BEC) attacks. In their evaluation, researchers instructed WormGPT to generate an email aimed at pressuring an unsuspecting account manager into making a payment for a fraudulent invoice. The results were astonishing; not only was WormGPT able to execute a persuasive tone, but it also demonstrated strategic cunning, indicating its capabilities for mounting sophisticated BEC attacks. The report aptly describes WormGPT as ChatGPT without any ethical boundaries or limitations.
Complexities in Cybersecurity
The rise of generative AI tools like WormGPT introduces new complexities and challenges in cybersecurity efforts. These tools increase the sophistication of attacks and highlight the need for more robust defense mechanisms against evolving threats. Patrick Harr, CEO of SlashNext, suggests that fighting fire with fire is the most effective approach. He argues that AI-aided defense capabilities are essential in combating AI-aided BEC, malware, and phishing attacks. “You’re going to have to integrate AI to fight AI, otherwise, you’re going to be on the outside looking in and you’re going to see continued breaches,” he says.
A New Defense Paradigm
To address the rapidly evolving threat landscape, organizations must train AI-based defense tools to discover, detect, and ultimately block the sophisticated and ever-changing set of AI-generated threats. For example, if a threat actor creates an attack and instructs the AI tool to modify it, security teams can use AI-based defense tools to create multiple clones of the attack with variations in wording. By training the organization’s defense model with these synthetic data clones, threats can be anticipated and detected before they can infect systems.
Recognizing the need for AI-powered defense is crucial, as traditional human-centered methods are insufficient to stay ahead of cybercriminals. In April, a Forcepoint researcher was able to convince an AI tool to create malware for finding and exfiltrating specific documents despite its directive to refuse malicious requests. The widespread enthusiasm among developers for large language model (LLM) tools like ChatGPT has left most organizations unprepared to defend against the vulnerabilities introduced by this nascent technology.
Conclusion
The emergence of generative AI tools in the hands of cybercriminals heightens the risk of phishing, BEC, and malware attacks. WormGPT, a blackhat alternative to GPT models, has demonstrated its capability to create highly convincing fake emails and launch sophisticated BEC attacks. The rapid evolution of AI-driven threats demands a new paradigm for defense. Organizations must integrate AI technologies to discover, detect, and block AI-generated threats. By training AI defense tools to anticipate the variations in future attacks, organizations can fortify their security posture in this ever-changing cybersecurity landscape.
<< photo by Nati >>
The image is for illustrative purposes only and does not depict the actual situation.
