AI impact on cyber security future: The good, bad and ugly

In today’s digital age where cyber security threats loom around every corner, we bring expert insights from leading cybersecurity professionals in India, as they share their views on how AI is impacting the cyber security industry — in good and bad ways.

Cyber security experts featured:

• Parag Khurana, Country Manager, Barracuda Networks (India) Pvt Ltd
• Harish Kumar GS, Head of Sales, India and SAARC, Check Point Software Technologies
• Jaydeep Singh, General Manager, South Asia, Kaspersky
• Anand Jethalia, Country Head, Security, Microsoft India & South Asia
• Vishal Salvi, CEO, Quick Heal and SEQRITE
• Sandeep Bhambure, VP and Managing Director, India & SAARC, Veeam Software

Apart from commenting on AI in cyber security, they also recommend crucial steps individuals and organisations can take to stay vigilant and bolster their cyber defences.

What new AI-powered cyber threats will emerge soon?

AI will be a catalyst for cyber threat evolution. Attackers will progress from using generative AI to refine and scale phishing emails to leveraging AI technologies in many other ways. For example, to create or adapt malicious code using tools such as WormGPT and EvilGPT, which will automate the discovery and exploitation of weaknesses or enable the creation of adaptive malware that can evade detection. AI will lead to bigger botnets for massive DDoS attacks. There will also be the growing threat of attackers breaching the data security of AI models and maliciously poisoning or distorting the data. –Parag Khurana, Barracuda Networks

Lately we have also seen a significant increase in cryptojacking detections, where attackers hijack computer resources for cryptocurrency mining. As the value of cryptocurrency fluctuates, we can expect attackers to develop more cunning methods to exploit vulnerabilities and maximise their illicit gains. As AI and other emerging technologies continue to grow, deep fakes and hyper-personalised scams are likely to become more sophisticated. Attackers will leverage advancements in artificial intelligence to create highly believable digital forgeries and craft social engineering campaigns that prey on human emotions and trust. –Vishal Salvi, Quick Heal

Emerging cyber threats are dominated by AI and ML-powered attacks, facilitating the creation of sophisticated malware and ransomware like deep fakes and voice cloning, alongside more effective phishing schemes. Nation state attacks and hacktivism will increase with geo-political instability fueling activities like DDoS attacks, often masking commercial motives with political agendas. Ransomware threats will exploit legitimate system tools, despite takedowns of malware networks like Qbot, necessitating advanced security measures like Managed Detection and Response (MDR). Another potential threat will be data loss incidents, due to vulnerabilities in SaaS platforms, as organisations rush to fortify defences against ransomware. –Harish Kumar GS, Check Point

In the future, AI-related threats will increase and give a more complex tone to the threat landscape. We’ll see an increased use of neural networks to generate visuals for scams. According to our security experts, there is a noticeable upward trend in attacks targeting mobile devices. In 2023 alone, the number of such attacks surged to 33,790,599, representing a significant increase of almost 52%, compared to the 22,255,956 attacks recorded in 2022. The most prevalent threat to mobile devices was adware, a type of software that displays unwanted pop-up adverts. –Jaydeep Singh, Kaspersky

Also read: Apple warns Indian users about ‘mercenary spyware’: All you need to know

The cybersecurity landscape is poised for significant challenges. The next few years could see an escalation in the speed, scale, and sophistication of cyberattacks, threatening global security. Nation-state cyber activity is expected to rise, targeting critical infrastructure with sophisticated techniques. Additionally, the weaponization of AI by adversaries is a growing concern, with AI playing a significant role in future threats. These trends indicate a future where cybersecurity threats are more advanced, stealthy, and potentially damaging. –Anand Jethalia, Microsoft

A spate of AI-driven cybersecurity threats is expected in the foreseeable future as attackers capitalize on the ability of AI to learn and adapt to new defenses and enhance the efficacy of their attacks. With these attacks becoming increasingly discreet and complex, businesses must account for not just keeping their attackers out, but also how to respond when they are inevitably breached. With more successful attacks taking place, we are seeing attackers targeting the backup copies, making it substantially easier for them to extort ransom from organizations. In cognizance of this trend, 53% of organizations are on the lookout for new backup solutions to secure their repositories. –Sandeep Bhambure, Veeam Software

How is AI helping to improve cybersecurity everywhere?

AI is revolutionising cybersecurity for all of us. It’s scrutinising vast datasets to identify organisational activity patterns, from user logins to network traffic, bolstering privacy with global threat intelligence. On the other hand, machine learning aids in recognising and contextualising threats like malware. While human expertise remains crucial, AI enhances skills and accelerates threat detection and resolution in a big way. Responsible integration of generative AI into security solutions is essential to uphold privacy, reliability, and safety standards. –Anand Jethalia, Microsoft

Also read: How to check and remove malware from your computer: Follow these steps

Advancements in AI and ML are revolutionising cybersecurity defences. AI enables real-time analysis of vast data sets, swiftly identifying and mitigating evolving threats. Meanwhile, machine learning algorithms can predict future threats by analysing past attack patterns and subtle indicators of compromise, strengthening proactive defence measures. These technologies automate response actions, such as isolating infected devices, minimising damage, and allowing security teams to focus on recovery efforts. –Vishal Salvi, Quick Heal

We are going to see AI tools and machine learning will be a cause of concern in cyberattacks. Even as these tools help the cybercriminals, our experts say that AI tools can be used for defensive applications against major threats. One of the ways to do this is to enable AI assistants for cybersecurity specialists to fight crime. We expect the red teams and cybersecurity experts can leverage generative AI for innovative cybersecurity tools, which can lead to a cyber assistant using LLM or ML. –Jaydeep Singh, Kaspersky

AI is enhancing cybersecurity in several ways. For example, intelligent AI-driven email security can identify known phishing patterns, spot unknown threats, and use natural language processing to analyse content for sentiment, context, tone, and potential malicious intent. AI can boost application security by detecting anomalies, adjusting machine learning models, and countering initial access and reconnaissance attempts.  AI can also enhance the volume, speed and quality of threat detection and intelligence, with AI-based algorithms used to detect anomalies, analyse behavioural data, recognize patterns and for predictive analysis. Then there is the critical role of AI in enabling automated and enhanced incident response, giving security teams the power to detect, contain and neutralise attacks quickly and effectively, reducing human error and accelerating incident triage. –Parag Khurana, Barracuda Networks

AI and ML significantly shape cybersecurity defence by automating repetitive tasks, enhancing threat detection and response, improving situational awareness, and aiding in endpoint, network, cloud security, and fraud detection.  –Harish Kumar GS, Check Point

Advancements in AI and ML are indeed augmenting and bolstering cybersecurity defenses. These advancements notwithstanding, resilience plays a pivotal role when it comes to business continuity planning and disaster recovery. To ensure airtight defense strategies, data protection and IT security teams ought to work in tandem. Veeam also works with security firms to integrate AI/ML into restore processes. This includes being able to quickly understand and scan for infected restore points, ensuring that secondary reinfection doesn’t occur in the process. –Sandeep Bhambure, Veeam Software

How to stay protected online?

The digital landscape is fraught with dangers, but there are steps individuals can take to stay safe. To bolster digital safety, individuals must exercise caution with links and attachments, avoiding clicking on suspicious ones and hovering over links to verify destinations. Additionally, maintain robust passwords, using a mix of characters, and consider employing a password manager. Having a paid antivirus with full coverage is essential and a step in the right direction. Regularly updating this software is crucial to address vulnerabilities and safeguard against evolving threats. Staying informed about common tactics used by scammers can also help individuals recognise and avoid potential dangers online. –Vishal Salvi, Quick Heal

We believe that staying vigilant and informed about prevailing threats is paramount. Adopting safe online practices, like refraining from divulging personal details and exercising caution with suspicious communications, strengthens our digital defences. Regularly updating software and employing security tools, such as antivirus software and built-in security features, further fortifies our systems. Moreover, implementing robust authentication measures, like strong passwords and two-factor authentication (2FA), mitigates the risk of unauthorised access. Equally crucial is educating oneself, especially younger generations, about online safety practices to navigate the digital realm securely. Together, these proactive steps empower users to safeguard their digital footprint effectively. –Anand Jethalia, Microsoft

With cyberattacks on consumers increasing via phishing, scamming and social engineering, it is important for individuals to be aware of evolving threat scenarios. To avoid being scammed online, individuals can start by doing the most basic action. Firstly, avoid clicking on links in spam messages or on unknown websites. The other most critical action is to avoid disclosing personal information to unknown sources. This is the most common form of social engineering. Cybercriminals who are planning an attack will collect personal information in advance, which is then used to tailor phishing messages specifically to you. Never use unknown USB sticks or other storage media to your computer if you do not know where they came from, since these could be infected by the cybercrook. To minimise the risk of downloading ransomware, or a virus infection, never download software or media files from unknown sites. Rely on verified and trustworthy sites for downloads. Also regularly update your programs and operating system, as it helps to protect you from malware. –Jaydeep Singh, Kaspersky

We advise companies to maintain three copies of their data: two on different media (such as disk and tape) and one off-site. We also emphasise upon having at least one copy stored offline to protect against ransomware and other cyber threats. Lastly, regularly test to ensure there are zero issues during data recovery. This “3-2-1-1-0” rule provides a comprehensive approach to data protection, ensuring redundancy, data diversity, and resilience in the face of potential data loss scenarios. This approach is still valid for individuals protecting their most sensitive data; however, we are also strong advocates for more consumer education on basic security hygiene such as not reusing passwords, maintaining up to date patches, and not exposing personal devices directly to questionable networks such as open Wi-Fi hotspots. –Sandeep Bhambure, Veeam Software

To protect against sophisticated scams, individuals should: Be cautious with password reset emails – if you receive an unexpected password reset email, do not click on any links. Instead go directly to the website to change your password. Scrutinise email language and content, pay attention to tone and language as social engineering techniques such as impersonating trusted brands or authority figures, try to trick unsuspecting victims into taking urgent action. –Harish Kumar GS, Check Point

Also read: Quick Heal’s Vishal Salvi on fighting malware to keep India cyber safe