Ward driving with artificial intelligence

B2B Cyber ​​Security ShortNews

Share post

AI tools are now used millions of times to research topics, write letters and create images. But artificial intelligence is also becoming increasingly important in the area of ​​cybersecurity.

On the one hand, it can make the work of those responsible for security easier, but on the other hand, it offers cybercriminals numerous new opportunities. These range from deepfakes to AI-powered cyberattack campaigns on demand. Whitehat hacker Kody Kinzie has tried out the extent to which artificial intelligence can be used to better exploit the results of “wardriving”, i.e. the systematic search for WiFi networks with the help of a vehicle.

AI tool Claude

The security specialist collected information about WiFi networks in Manhattan on a Circle Line ferry using WiGLE. He received a CSV data set of 5.000 lines and uploaded it to Claude. “I wanted to see if this AI model could do three things: analyze the data, enrich the data, and output the data in a visual representation,” said Kinzie. To do this, Claude should compare the MAC addresses of all these wireless networks against a list of providers and then identify the most common providers in that area.

The tool said it extracted the network ID column, used the MAC Vendor Lookup package in Python to look up the provider, calculated the count of each provider, and then sorted the providers to determine their frequency . The results corresponded to a typical distribution of manufacturers. “Claude appears to have taken the steps a savvy person would take to enrich the data. Accordingly, I assumed that the tool had actually processed my information.”

Claude hallucinates

To check the results, Kinzie repeated the test several times - always with completely different results. “Obviously Claude did not carry out the tasks he set himself, but simply anticipated the results. The tool was able to write the Python code used for real analysis of the data. But after actually running the wardriving data through this code, it was revealed that most of the data was not true, but rather a hallucination. On the other hand, Claude created a map that showed the location of several vulnerable networks and was identical to the results of a real analysis,” explains Kinzie.

Claude wasn't right, but he wasn't completely wrong either: "In my opinion, that's worse than being completely wrong, because the results seem plausible and contain a few correct conclusions." But this behavior is not limited to Claude: "AI- Systems like Claude, Bard from Google or ChatGPT try to approximate plausible results. So when you do data analysis and do things that AI seems good for, you have to be very careful and always check those results manually.”

More at Varonis.com


About Varonis

Since its founding in 2005, Varonis has taken a different approach than most IT security providers by placing company data stored both locally and in the cloud at the center of its security strategy: sensitive files and e-mails, confidential customer, patient and Employee data, financial data, strategy and product plans and other intellectual property. The Varonis data security platform (DSP) detects insider threats and cyber attacks through the analysis of data, account activities, telemetry and user behavior, prevents or limits data security breaches by locking sensitive, regulated and outdated data and maintains a secure state of the systems through efficient automation .,


Matching articles on the topic

Researchers find 26 billion access data on the web

A package with 26 billion data records containing access data appeared online. It is said to contain user access data at many companies ➡ Read more

January 28, 2024: European Data Protection Day

January 28, 2024 is European Data Protection Day. In this context, it is important to raise awareness of privacy and data protection ➡ Read more

Data offering: Every third company appears on the dark web

In the last two years, one in three companies worldwide have offered compromised data for sale on the dark web. A big ➡ Read more

Fast food chain Subway probably victim of Lockbit

Many sources indicate that the Subway company was the victim of a cyberattack by LockBit. The operator Subway is there ➡ Read more

Russian APT group attacked Microsoft 

According to its own information, Microsoft was attacked by Midnight Blizzard on January 12, 2024. The Russian-sponsored actors had ➡ Read more

Many German chambers of crafts remain offline

The IT service provider ODAV was the victim of a cyber attack at the beginning of January. Because the service provider provides many services for the German Chamber of Crafts ➡ Read more

Security awareness against phishing attacks

The increasing spread of deepfake and AI technologies poses a serious threat, particularly in the area of ​​phishing attacks. These technologies enable ➡ Read more

Cat and mouse game in IT security

Looking back at 2023, we can see that the topic of AI has had a significant impact on IT security. That will too ➡ Read more