Malwarebytes recently released its latest State of Malware report. Its key message: Agent-based AI models are on the rise and will make it increasingly easier and cheaper for cybercriminals to spread malware.
Agent-based AI models are a special form of artificial intelligence (AI) in which the models operate in the form of many autonomous units - agents. By interacting with each other and with their environment, they can learn and optimize themselves, which makes the system behavior of the AI highly dynamic. In order to achieve their given goals, they can independently interpret contexts, evaluate options and carry out actions.
They enable cyber criminals to significantly expand their attacks - both quantitatively and qualitatively. This is because agent-based AI models enable them to automate their attacks - which currently often still require a lot of human resources - on a large scale. Their ability to self-optimize, to plan, implement, evaluate and optimize attacks independently, will make cyber criminals' attacks easier, more scalable and cheaper - and also: even more tailored to the individual weaknesses of their victims.
They will also be used in the run-up to an attack, to track down potential targets, determine their individual vulnerabilities and spy on, hoard and exploit their personal data and credentials. Phishing, spear phishing and social engineering - still the number one starting point for every successful cyber attack - will thus be able to be used more effectively, efficiently and successfully.
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a monthWhat agent-based AI models enable
- the automated creation of phishing messages: AI agents can generate and send a large number of personalized phishing emails. These messages can be tailored to the writing style and preferences of the victim.
- the creation of deepfakes: AI agents can be used to create deepfake video or audio messages that imitate people known to victims. These deepfakes can then be used in phishing attacks to gain victims' trust and trick them into revealing sensitive information.
- An automated analysis of and adaptation to their victims: AI agents can analyze data from previous attacks and continuously adapt their strategies to become more effective. They can also respond to their victims' reactions in real time and change their tactics accordingly.
In view of this 'attack revolution', IT security managers will have to upgrade significantly once again: with AI-supported IT security solutions - especially in the area of anti-phishing. Otherwise, cyber attacks - especially those that rely on weaknesses in human risk management - will be increasingly difficult to detect and ward off effectively.
Solutions to this have long been available. Thanks to AI, phishing training, courses and tests for employees can now be personalized and implemented automatically, tailored to the specific vulnerabilities of each individual employee. And modern anti-phishing email solutions combine AI with crowdsourcing to detect even the latest zero-day threats early and fend them off in good time - so that they don't even reach employees' inboxes. With solutions like these and similar ones, companies will be able to keep their human risks under control in the future.
More at KnowBe4.com
About KnowBe4 KnowBe4, provider of the world's largest platform for security awareness training and simulated phishing, is used by more than 60.000 companies around the world. Founded by IT and data security specialist Stu Sjouwerman, KnowBe4 helps organizations address the human element of security by raising awareness of ransomware, CEO fraud and other social engineering tactics through a new approach to security education. Kevin Mitnick, an internationally recognized cybersecurity specialist and KnowBe4's Chief Hacking Officer, helped develop the KnowBe4 training based on his well-documented social engineering tactics. Tens of thousands of organizations rely on KnowBe4 to mobilize their end users as the last line of defense.