In the last couple of weeks, Israel has experienced two significant cyberattacks that paralyzed payment-clearing systems for several hours.
Such Distributed Denial of Service (DDoS) type of attacks, where hostile actors create artificial load on targeted servers to disable them, have already become the hallmark of organized cyberattack campaign days against Israel, such as “Iranian Jerusalem Day” and “OpIsrael”.
While cyberattacks that interfere with the availability of computer systems, like DDoS attacks, can be very disturbing, they are still considered less harmful than attacks that violate Data Confidentiality or Integrity.
In fact, I clearly remember a case where we were so grateful that a malicious attack that broke into a high-profile server ended up destroying it loudly instead of manipulating its data stealthily and causing a much more dramatic impact.
However, with technological advancement and the (Gen) AI revolution, we are facing a new era of cyber threats. The discourse in the cyber world focuses on how AI tools extend the attack surface and create new attack vectors that challenge the industry, such as chatbot hacking.
Yet, an even more dramatic point is that AI development is disrupting familiar cyber threats, refining them to become more precise and lethal. Due to the democratization of Gen AI capabilities, every attack will become increasingly sophisticated and require a change in thinking and the development of new tools for mitigation.
The future – personalized tailor-made attacks
The majority of successful cyberattacks start with an act of social engineering, such as a phishing email. Like in marketing, the development of Gen AI enables true, effective personalization of such (malicious) messages in high volume at a fraction of the cost.
In this case, the AI can support and automate the full lifecycle of the attack – from collecting and analyzing data about the target through building and customizing a cyberweapon to managing and running an attack campaign.
Thus a technique like “Spray and Pray,” which used to be very low risk, becomes very successful as the received messages become more attractive, credible, and tailor-made to the recipient and hosting system, making it more “Spray and Play” for the attacker.
The counter future – new generation of defense systems with deep understanding
The good news is that as cyberattacks are expected to become more sophisticated, so are the countermeasure defense tools. In fact, we can already see new cybersecurity solutions embedding AI capabilities to address the most critical drawback of cybersecurity products – the enormous amount of false alerts.
Backed by Language Learning Models (LLMs) and newly trained AI models, these products will soon be able to automatically filter out most of the irrelevant warnings, dramatically enhancing the work of any cyberanalyst out there.
But the potential of AI in cyber defense goes far beyond. When the technology makes another jump, one can imagine a real-time LLM that would support a true Intrusion Blocking (mistakenly named Prevention) System for the first time.
The intelligence to distinguish between malicious and innocent communications is there – we are just waiting for the increase in reaction time.
The writer is a co-founder and the CTO of Blueski.com, an AI solutions company, and was the first CTO of Israel’s National Cyber Directorate.