Kaspersky Reveals How Bad Peolpe Use AI to Perform Sophisticated Attacks

Senior Security Researcher for the Asia Pacific Research and Analysis Team (Global Research and Analysis Team/GREAT) Noushin Shabab (photo: Kaspersky)

JAKARTA - Apart from having great benefits for individuals or companies, Kaspersky cybersecurity experts also revealed that this artificial intelligence (AI) technology can be exploited by cybercriminals in every stage of a sophisticated attack.

According to Noushin Shabab, Senior Security Researcher for the Asia Pacific Global Research and Analysis Team (GReAT) Noushin Shabab, currently, APT actors combine advanced techniques to evade detection and stealth methods to strengthen their defenses.

"New AI developments can assist cybercriminals from the reconnaissance stage to data exfiltration," said Shabab in a statement received on Wednesday, August 30.

In Asia Pacific, Shahab revealed that there are at least 14 active APT groups, one of which is Origami Elephant. These threat actors have been targeting the South Asian region with particular interest in government and military entities especially in the countries of Pakistan, Bangladesh, Nepal, and Sri Lanka since early 2020.

Reconnaissance Phase

During the reconnaissance phase, AI can help actors find and understand potential targets by automating the analysis of data from multiple sources. These sources can be online databases and social media platforms and collect information on target personnel, systems, and applications used in the corporate environment.

"Smart machines can even find vulnerable points through detailed assessments of company employees, third-party relationships, and network architecture," added Shabab.

Early stage

At this early access stage, AI can help cybercriminals create highly convincing and personalized phishing messages. These intelligent machines can also be trained to find the best entry point into a target network and know the best time to launch an attack.

By analyzing patterns in user behavior, social media activity and personal information, AI algorithms can make intelligent guesses about passwords, thereby increasing the chances of successful access.

Execution

During the execution stage, AI has the ability to adapt malware behavior in response to security measures, thereby increasing the chances of a successful attack. AI-based fallacies can also create polymorphic malware that changes its code structure to evade detection.

Resilience

For this stage, AI can create the most suitable script to execute the malware based on an analysis of user behavior. Threat actors can also develop AI-powered malware that can dynamically adapt its resilience mechanisms based on changes in the target environment.