The Guardian, citing the British Cybersecurity Agency (NCA), warns of the imminent threat of sophisticated phishing attacks enabled by artificial intelligence (AI). AI will not only fabricate highly authentic-looking emails but also manipulate sender addresses to resemble those already familiar to recipients.
“Advancements in AI tools will make it increasingly difficult for users to distinguish genuine emails from phishing attempts, especially those that prompt them to divulge passwords or personal data,” caution specialists from the NCA’s National Cybersecurity Centre (NCSC).
Generative AI, capable of producing compelling text, voice, and images from straightforward prompts, has become widely accessible through chatbots like ChatGPT and free open-source models.
In its recent report, the NCSC confirmed that AI will “almost certainly” intensify cyberattacks and exacerbate their impact within the next two years. “By 2025, generative AI and multilingual models will render it challenging for anyone, regardless of their cybersecurity expertise, to verify the authenticity of email requests to reset passwords, identify phishing attempts, forgeries, or social engineering tactics,” the report stated.
Wojciech Głażewski of Check Point Software believes that AI will empower so-called “threat actors,” accelerating and expanding the capabilities of hacking tools. This applies to both the development of more sophisticated and rapidly evolving malware variants and the deployment of deepfake technology in phishing attacks and impersonation schemes.
“Deepfakes will be employed to create content capable of swaying public opinion, including manipulating stock prices, and even more nefarious purposes – such as those related to international conflicts. These tools are readily available on the internet, and cybercriminal groups are already exploring their potential for socio-technical attacks to gain authorization and access to sensitive data,” warns Wojciech Głażewski, country manager for Check Point Software in Poland.
The expert expressed concern that the advancement of AI will “lower the barrier” for amateur cybercriminals and hackers to infiltrate systems and gather intelligence on targets, enabling them to cripple victims’ computer systems, extract sensitive data, and demand ransom in cryptocurrencies.
