Britain’s Government Communications Headquarters (GCHQ) has issued a stark warning about the growing risk of cyberattacks fueled by the rapid development of Artificial Intelligence (AI) tools.
In a report released by the National Cyber Security Centre (NCSC), a GCHQ division, concerns were raised about the potential lower entry barriers for less sophisticated hackers to engage in digital harm, driven by the accessibility of AI tools.
The report stressed that the increased use of AI in cyber operations is expected to amplify both the volume and impact of cyberattacks over the next two years. However, the impact is likely to be uneven, with opportunistic hackers benefitting the most from the advancements in AI tools. These hackers, who may lack the skills for higher-level attacks, could exploit AI to enhance the effectiveness of their campaigns, particularly in areas such as phishing.
Generative AI tools, including chatbots, were identified as potential enablers for creating more convincing emails or documents in online phishing campaigns. The report pointed out that these tools could be leveraged to deceive users and increase the success rates of such attacks.
At an advanced level, state-backed hackers were identified as being well-placed to harness AI’s potential for sophisticated cyber operations. This includes the use of AI in advanced malware generation, raising concerns about the capabilities of nation-state actors in conducting highly sophisticated and targeted cyberattacks.
The security community has been grappling with the implications of large language models (LLMs), such as OpenAI’s ChatGPT, which can generate human-like interactions. Businesses have increasingly incorporated these models into various services, from sales to customer care. However, the rise of AI-powered cyber threats has prompted authorities in Britain, the U.S., and Canada to acknowledge the adoption of AI by hackers, signaling the need for heightened vigilance and cybersecurity measures to counter evolving threats.
