It is becoming more apparent that phishing attacks that compromise credentials are linked to the rise of artificial intelligence (AI). These attacks will only increase in volume and sophistication, and more organizations must focus on limiting the scope of damage of a cybersecurity breach.
The unfortunate truth is that it’s going to be a lot more difficult to prevent credentials from being stolen as cybercriminals become more adept at using generative AI platforms to craft phishing attacks that mimic specific individuals. Most end users today already find it difficult to consistently identify phishing attacks, so as AI is used to make them seem more plausible, the number of credentials that will be stolen is only going to increase.
Naturally, those credentials are then going to be used first to steal data and then plant malware designed to move laterally across an organization. The only way to limit that damage is to define an IT architecture using zero-trust principles that isolate IT environments in a way that limits the ability of malware to move laterally across an organization, otherwise known as cybersecurity resiliency. Once a breach occurs, the scope of the damage inflicted is then much more limited.
The absence of cybersecurity resiliency poses difficulties
The challenge organizations face today is the need for more expertise to craft such an IT architecture. In contrast, many managed service providers (MSPs) already have the skills to help organizations become more resilient to cyberattacks. They can do this by applying zero-trust principles alongside a data protection service, making it possible to recover data from an encrypted cyberattack. In effect, organizations of all sizes will need what amounts to a managed cybersecurity resiliency service.
It may be a few more months before the extent to which cybercriminals employ AI to launch cyberattacks becomes apparent. It’s now only a question of time before it becomes pervasive, regardless of what safeguards providers of public services such as ChatGPT have put in place. It doesn’t take a lot of prompting expertise to work around those safeguards. Ultimately, the only way to combat cyberattacks that use AI will be to rely on defenses that are augmented by AI. In effect, an AI cybersecurity arms race is now well underway.
It’s not likely, however, that the AI models created for cyber defenders are going to detect sophisticated phishing campaigns. As it becomes easier to launch those campaigns at higher levels of scale at very little cost, the chances that one or more of these phishing campaigns are going to succeed increases exponentially. Organizations are going to need to assume that IT environments are going to be breached, so there is going to need to be more focus than ever on containment.
As that transition occurs, savvy MSPs should present themselves as containment experts that increase the cybersecurity resiliency of an organization. There may be no such thing as perfect security, but there are plenty of ways to make an organization more resilient that MSPs are uniquely positioned to best provide.
Photo: Harmattan Toujours / Shutterstock