The release of ChatGPT brought along with it a wave of Artificial Intelligence (“AI”) driven revolution. It is no exaggeration to say that AI has infiltrated almost every industry in existence. Some view AI as a harbinger of doom; some see it as a bearer of good news, here to ease our daily lives. For the cybersecurity market, it seems to have found itself in a love-hate relationship with AI.
In this newsletter, we will be looking at how AI has single-handedly enhanced the efficiency and effectiveness of cybersecurity efforts, but at the same time also created more cybersecurity threats to individuals and organisations.
AI-Enhanced Cybersecurity
The underlying feature of AI is always to imitate human behaviour and actions, whether it is spotting trends and anomalies, or content writing and generation. When it comes to cybersecurity, AI can also be trained to facilitate and assist in the work of cybersecurity professionals.
Oftentimes, the attack vectors that cybercriminals use to gain a foothold in their target’s IT environment are zero-day vulnerabilities in software used by the target. Zero-day vulnerabilities are hard to protect against because they are legacy issues unknown even to the owners or developers of the software. A specially designed and trained AI can be used to detect zero-day vulnerabilities in software, thereby helping cybersecurity researchers to flesh out potential attack vectors and to deploy patches and fixes accordingly, before actual exploitation by malicious actors. When AI is deployed in an organisation’s network server, it can also be used to flag potential phishing emails.
Other than predictive initiatives, AI can also be trained to perform malware detection and tracing in the event of a cybersecurity breach. During a cybersecurity incident, the response team is always racing against time to mitigate damage. AI can substantially cut down the time in locating the root cause of the breach or to detect malware.
AI Posing Cybersecurity Risks
While there are many use cases of AI in enhancing cybersecurity, the flip side is also true in that AI itself is presenting new cybersecurity risks.
Phishing emails crafted with AI are more convincing and sophisticated than ever, making them harder to be noticed. AI can also be used to learn the behaviour of a particular person before deploying phishing email to increase the chances of the phishing email being clicked on. For example, if an AI gathered that the target will normally receive and open emails sent by tax agents to his or her work email, a phishing email can then be crafted to imitate one sent by tax agents.
The proliferation of AI also prompted the creation of the dark-side of ChatGPT – introducing the likes of WormGPT and FraudGPT. Unlike ChatGPT, these generative AI models do not have any safety guardrails. They are deployed to help cybercriminals to write malware and convincing phishing emails, thereby lowering the barrier to execute an attack.
AI, just like any piece of software, if integrated and embedded in an organisation’s IT environment, can also potentially be used by cybercriminals as a possible attack vector if there are loopholes or vulnerabilities in the system. In an effort to deploy AI, an organisation may actually unknowingly create a way into its IT environment for threat actors. If cybersecurity researchers can use AI to locate zero-day vulnerabilities and to patch them, then cybercriminals can also use AI to find vulnerabilities in software to exploit and compromise.
Fighting AI with AI
AI has proven time and again that it can perform better (or at least faster) than human in many of the tasks that involve pattern and anomaly spotting, as well as information gathering and sorting. Crucially these are the nature of the work of cybersecurity professionals.
There is a saying that to beat evil, one must become a greater evil. It seems a quick solution to cybersecurity risks exacerbated by AI is to deploy more advanced AI to strengthen cybersecurity. It will be a matter of the sharpest spear against the toughest shield.
Malaysia Cybersecurity Bill
Given the importance of cybersecurity, the Malaysia Cybersecurity Bill that is currently in the work will be a vital bullet in the fight against cyber threats. It remains to be seen what sort of tools the legislation will offer to defend the digital landscape, but it is definitely a move in the right direction.
If you wish to know more about cybersecurity best practices, legal requirements relating to cybersecurity, personal data and breach notification requirements, please feel free to reach out to our team of experts. We look forward to working with you on your digital transformation journey.
About the authors
Lo Khai Yi
Partner
Co-Head of Technology Practice Group
Technology, Media & Telecommunications, Intellectual
Property, Corporate/M&A, Projects and Infrastructure,
Privacy and Cybersecurity
Halim Hong & Quek
Ong Johnson
Partner
Head of Technology Practice Group
Transactions and Dispute Resolution, Technology,
Media & Telecommunications, Intellectual Property,
Fintech, Privacy and Cybersecurity
Halim Hong & Quek