September 05, 2023
Is generative AI exposing your business to risks?
Generative artificial intelligence (AI), such as the renowned ChatGPT, is making waves across many industries. It brings new possibilities for automation of various tasks that can save us time and effort. From streamlining workflows and creating complex code to solving maths problems and producing content, these generative AI tools are being used every day by modern companies.
However, as many people are aware, AI relies on human input; as the collective human race creates, the AI algorithm learns from us. This means that these new technologies can be used for malicious purposes. With cyber security already at the forefront of many digital-based industries, the question is how will AI affect cyber security.
Can generative AI be used by hackers to create foolproof code to gain access to your company’s servers? Can ChatGPT be used to impersonate employees in phishing attempts? It’s vital that companies and business leaders understand the implications of generative AI and how to prevent any risks associated with these tools.
How hackers can use generative AI
AI tools like ChatGPT are helping businesses but also threat actors. Cyber criminals can use the software in a variety of new ways. A staggering 450 000 new pieces of malware are created every day, combined with an estimated 3.4 billion phishing emails; there is no doubt that generative AI is used to create some of these threats.
Global security agencies have also warned us that AI chatbots can be used to store personal data. This data can be used to create convincing and sophisticated phishing emails. These incidents of phishing scams have increased by 61% year-on-year and the introduction of generative AI in 2022 has spurred on this growth.
Spelling mistakes are the best way to spot fake emails or phishing attempts, but hackers intentionally use some typos to bypass email filters. Generative AI tools can be instructed to write imperfectly for the same results. This allows phishing campaigns to reach their intended targets at a higher rate.
New privacy concerns arise
Generative AI presents various risks to businesses, including privacy concerns, automated attacks and malicious use. Unlike search engines, which avoid indexing certain information, online documents and webpages, AI tools scrape the web to ‘teach’ their algorithms. This means that sophisticated large language models, like ChatGPT, could be scoured by hackers to find sensitive information.
These include ID numbers, phone numbers, email addresses and residential addresses of citizens. By carefully prompting the AI, cyber criminals can gain access to a plethora of private information from websites with lax cyber security measures in place. One glimmer of hope is that in this vast sea of data, it is near impossible for hackers to actually find the correct information that they are looking for, but the probability still exists.
It’s also important to remember that generative AI tools are making predictions based on training data and the positive reinforcements to responses given by users. These tools cannot be instructed to perform or automate cyber attacks; they will not follow such overt prompts.
AI does more good than harm
Chat GPT and other generative AI tools can help cyber security teams just as much, if not more, than they aid criminals. Security teams need to be trained on how to understand these tools better. AI can be used to prevent various cyber attacks, especially phishing attempts, by identifying suspect language and deviations from the norm. Security teams need to know how to implement these processes and use AI in their everyday operations.
Generative AI presents many fantastic opportunities and an exciting future. But companies cannot lose sight of the threats that come along with these developments. Like any transition we’ve gone through before, business leaders need to be prepared and consider the various ways to use AI for the benefit of their companies.
SEACOM is a leading ICT services provider in South Africa, so we understand how generative AI tools are shaping the IT industry. We offer various cyber security services to enterprise customers in the country. These help to mitigate the chances of successful attacks and improve the security posture of our customers. For more information about these services or to get a quote, email us at marketing@seacom.com or leave us a message.
SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.
SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.
For more information on our internet and voice solutions, follow us on LinkedIn, Facebook or Twitter. Keep an eye on our news section for insightful articles and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.