- Cybercriminals are experimenting with GenAI but so far can’t effectively exploit it
- That doesn’t mean AI poses a minimal security threat, Verizon said
- AI-driven threats are rising in the telecom sector, especially with mobile devices
In a world where generative AI is rising alongside increased cybersecurity concerns, you have to wonder how hackers can exploit the tech for their dirty deeds. While there’s certainly been an uptick in threat actors using AI, their efforts thus far haven’t amounted to much, Verizon said.
According to Verizon’s new Data Breach Investigations Report, it turns out attackers are pretty much where legitimate organizations are in their GenAI implementation lifecycles. Meaning, they’re experimenting to see what works (and doesn’t).
“There is evidence of attempts to abuse the platforms themselves,” however Google and OpenAI “don’t report anything successful,” said Verizon.
Google in a January report noted threat actors are primarily using Gemini to up their productivity for routine tasks like research, troubleshooting code and content creation. OpenAI has similarly said malicious ChatGPT users are employing AI for multiple tasks at once, such as debugging code and generating content on various distribution platforms.
While threat actors make use of large language models (LLMs) for say, phishing emails, they haven’t had much luck in employing prompt attacks or “other AI-specific threats,” Google added, as they will typically rephrase or resend a prompt rather than use AI to engineer tailored attacks.
But just because hackers haven’t fully figured out AI doesn’t mean the technology poses a minimal threat to enterprise and device security. Verizon noted the percentage of AI-assisted malicious emails doubled from around 5% to 10% in the past two years.
Telcos face emerging AI and security risks
“Another emerging risk comes from GenAI being integrated into the operating system of some of the newest mobile devices,” Verizon said.
Voice assistants, messaging apps and cameras can all leverage GenAI, which only increases the number of ways users can have their sensitive information exposed.
What’s more, some of the GenAI functions on devices are enabled by default “and must be opted out by the user or a centralized mobile device management system,” Verizon added.
Device security and fraud prevention are top of mind when it comes to the future of 5G application programming interfaces (APIs), as analysts told Fierce in December. Verizon in its report pointed out how operators are starting to offer APIs in which partners can verify if a number has had its SIM swapped to a different device, “regardless of whether it was a fraudulent move or not.” BT, Orange and Telefónica are some of the operators leading the charge.
Telcos already have enough to worry about following the aftermath of the Salt Typhoon hack, which impacted major operators AT&T, Verizon, Lumen and others. Salt Typhoon is believed to be the largest telecom hack in U.S. history, and the hackers are apparently still going at it.
On the DDoS side, AI has become “integral” in automating nearly every aspect of an attack, Netscout noted in its recent Threat Intelligence report. And telcos, particularly wireline ones, are the most susceptible to DDoS attacks even if they aren’t always the end target.