AI as a threat and opportunity for IT security

B2B Cyber ​​Security ShortNews

Share post

IT security is one of the areas that is currently being changed by AI. On the one hand, AI helps criminals make attacks more efficient, sophisticated, scalable and evade detection. On the other hand, security departments and law enforcement agencies receive new tools to detect and attribute illegal activities more effectively.

Cisco Talos analyzed the current state of this race and found the following trends:

Increasing danger

Thanks to AI, cybercriminals need fewer and fewer people and knowledge for attacks and software development. This lowers barriers to entry, increasing the number of criminals and attacks, as well as the risk of detection when hiring accomplices in dark web forums. AI can analyze enormous amounts of data to identify weak points or worthwhile targets. This enables more effective attacks. More sophisticated attack methods include realistic audio and video deepfakes, large-scale disinformation campaigns, AI-driven bots, and credible fraudulent websites, phishing emails, and social media profiles. AI-driven development kits create adaptive malware that evades detection by security solutions. For example, it can change its processes depending on the environment.
AI can also be used to ensure that attacks only occur when the target is active. Until then, the malware hides in legitimate applications to avoid detection.

Improved security

ML and AI can detect unknown threats more precisely and effectively. For example, Cisco Secure Endpoint and Cisco Umbrella automatically detect and mitigate suspicious behavior on end hosts and networks. Analyzing large amounts of data also benefits security. It shortens response times to attacks and improves forensics. AI makes it easier for law enforcement agencies to attribute criminal activity to known groups. This provides insight into the attackers' motives and capabilities, as well as their tactics and possible future threats. Cisco Talos has been using machine learning, a subcategory of AI, to automate threat analysis for years. This includes classifying similarly designed websites and phishing emails, identifying spoofing attempts, analyzing binary similarities, and clustering to detect and filter new, previously unknown attack patterns in large amounts of data.
AI can be used to perform predictive analysis to predict potential cyber threats based on historical data and patterns. Companies can then patch vulnerabilities before they are exploited.

More at


About Cisco

Cisco is the world's leading technology company that makes the Internet possible. Cisco is opening new possibilities for applications, data security, infrastructure transformation and the empowerment of teams for a global and inclusive future.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

IT security: NIS-2 makes it a top priority

Only in a quarter of German companies do management take responsibility for IT security. Especially in smaller companies ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

The AI ​​Act and its consequences for data protection

With the AI ​​Act, the first law for AI has been approved and gives manufacturers of AI applications between six months and ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more