版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
CISOGuideto
GenerativeAIAttacks
Understandingand
DefendingAgainst
AI-Generated
EmailAttacks
10%
ofalldataproducedwillbegeneratedbyAIby2025.
Gartner
65%
ofexecutivesbelievegenerativeAIwillhaveahighimpactonbusiness.
53%
ofITprofessionalsbelievethatChatGPTwillbeusedthisyeartohelphackerscraftmorebelievableandlegitimate-soundingphishingemails.
CISOGuidetoGenerativeAIAttacks
2
TheRisingThreatof
GenerativeAI
Anyonewhohasspenttimeonlinein2023haslikelyheardaboutChatGPTandGoogleBard,twoofthemorepopularplatformsthatharnessgenerativeartificialintelligence(AI)tocompletewrittencommands.Andinthefewmonthssincetheirrelease,they’vehadaprofoundimpactonvariousaspectsofourdigitalworld.
Byleveragingadvancedmachinelearningtechniques,generativeAIenablescomputerstogenerateoriginalcontentincludingtext,images,music,andcodethatcloselyresembleswhatahumancouldcreate.Thetechnologyitselfhasfar-reachingimplications,manyofwhichcanbeusedforbothpersonalandprofessionalgood.Artistsandauthorscanuseittoexplorenewcreativedirections,pilotsanddoctorscanuseitfortrainingandreal-worldsimulation,andtravelagentscanhaveitcreatetripitineraries—amongthousandsofotherapplications.
Butlikeanythingelse,cybercriminalscantakeadvantageofthistechnologyaswell.Andunfortunately,theyalreadyhave.PlatformsincludingChatGPTcanbeusedtogeneraterealisticandconvincingphishingemailsandmoredangerousmalware,whiletoolslikeDeepFaceLabcan
createsophisticateddeepfakecontentincludingmanipulatedvideoandaudiorecordings.Andthisislikelyonlythebeginning.
TocombatthemaliciousapplicationsofgenerativeAI,it’scrucialfororganizationstocontinuallydevelopandimplementrobustdefenses,enhancedetectioncapabilities,andstayvigilanttoemergingthreats—
beforetheybecomethenextvictimofan
AI-generatedattack.
KPMG
BlackBerry
©2023AbnormalSecurityCorporation.Allrightsreserved.
CISOGuidetoGenerativeAIAttacks
HowGenerativeAICan
BeUsedinCyberAttacks
CredentialPhishing
CybercriminalsmayemploygenerativeAItechniquestoenhancethesophisticationandrealismofphishingemailsandtheircorrespondinglandingpages,increasingthechancesoftrickingusersintorevealingsensitiveinformationorinputtingcredentials.
EndpointExploitation
Ifanattackeridentifiesvulnerabilitiesinsoftwarerunningonendpoints,generativeAIcouldbeusedtocreateautomatedattackpayloads.ByleveragingAItocreatespecificcodeorcommands,attackerscouldautomatethedeliveryofmaliciouspayloadstovulnerablesystemsandendpoints.
BEC&SocialEngineering
Byinputtingspecificinformationaboutatargetand/orpreviousconversationhistory,generativeAIcanbeusedtoengageinconversationswithusers,attemptingtobuildtrustandmanipulatethemintotakingspecificactions.Themodelscangeneratepersuasivemessagesandbeusedthroughoutanentireconversationtoconvincethetargettopayafakeinvoice,changebankingdetails,orprovideaccesstosensitiveinformation.
MalwareCreation
GenerativeAIcanautomatetheprocessofgeneratingnewvariantsofmalware,makingitmorechallengingfortraditionalsignature-basedendpointprotectionsystemstodetectandblockthemeffectively.Byleveraginggenerative
AItechniques,attackerscancreatepolymorphicorself-mutatingmalwarethatchangesitscodeorbehavior,allowingittoevadedetectionandpersistoncompromisedendpoints.
It’sworthnotingthatcyberattackscreatedbygenerativeAItoolscantakemanyformsandoftendo.Theseattackscanbepartoflargerphishingoraccounttakeoverschemesandcanhavedireconsequencesforbothemployeesandtheirorganizations.
3
©2023AbnormalSecurityCorporation.Allrightsreserved.
CISOGuidetoGenerativeAIAttacks
ImpactofGenerativeAI
onCybercrime
WhilepopularusageofgenerativeAIisstillrelativelynewandtheextentoftheimpactcannotyetbedetermined,thereareearlysignalstoindicatethatthisisathreatwecannotsimplyignore.ChatGPTaloneexceeded1millionuserswithin5daysoflaunch,withindicationsthatatleastsomeofthosepeoplewerelookingtouseitfornefariouspurposes.
WeekstoReach1MillionUsers
ChatGPT
DALL-E
CoPilot
1,000,000
750,000
500,000
250,000
0
248101214161820222426
Weeks
Gartnerpredictsthatby2025,generativeAIwillaccountfor10%ofalldataproduced,upfromlessthan1%in2021andthegenerativeAImarketisprojectedtoreachover$14.7trillionby2030.AndwhilegenerativeAIwilllikelybemostlyusedforlegitimatepurposes,wewouldbenaivetobelievethatbadactorswillnotuseitfortheirownmaliciouspurposes.
InaJanuary2023studybyBlackBerry,78%ofITprofessionalspredictedthatasevereattackcreditedtoChatGPTwilloccurwithintwoyears,and71%believethatnation-statesarealreadyleveragingitformaliciouspurposes.OfthewaysthatthreatactorsmayharnessChatGPTspecifically,respondentsaremostconcernedabouttheabilitytocraftmorebelievableandlegitimate-soundingphishingemails,tocreatenewmalware,andtohelplessexperiencedhackersimprovetheirtechnicalknowledgeanddeveloptheirskills.
4
©2023AbnormalSecurityCorporation.Allrightsreserved.
CISOGuidetoGenerativeAIAttacks
WhyGenerativeAIAttacks
areanIncreasingIssue
GenerativeAItoolshaveenabledcybercriminalstoquicklyandeasilycreatevarioustypesofattacks.WithplatformslikeChatGPT,attackerscanautomateandscaletheirattackplaybooks.Businessemailcompromiseisalreadythemostfinancially-devastatingcybercrimeforbusinessesworldwide,resultinginmorethan$43billioninexposedlossessince2016andthisevolutioningenerativeAIisonlygoingtomaketheproblemworse.Here’swhy:
IncreasedEaseofAccess
EverypersonintheworldwhohasaccesstotheInternetcanaccessChatGPTandsimilartools,makingitpossiblefornewcybercriminalstostartsendingattacks,evenwithoutpreviousknowledge.TheproliferationofgenerativeAIenablesnearlyanyonetobecomeasophisticatedcybercriminalinamatterofseconds,providingnotonlytipsonhowtogetstarted,butalsotheexactelementsneededtoexecuteasuccessfulattack.
IncreasedVolume
WithanincreaseinthenumberofpeopleusinggenerativeAItocreateattacks,it’snaturalthatthevolumeofattackswillincreaseaswell.Butthisisnottheonlythingatplay.GenerativeAIenablescriminalstocreateemailsmuchfasterthaneverbefore—compilinginsecondswhatusedtotakehours,whichcreatesasuperweaponattheirdisposal.
IncreasedSophistication
Usershavelongbeentaughttolookfortyposandgrammaticalerrorsinemailstounderstandwhetheritisanattack,butgenerativeAIcancreateperfectly-craftedemailsthatlookcompletelylegitimate—makingitimpossibleforemployeestodecipheranattackfromarealemail.Andit’snotonlyEnglishanymoreeither.ChatGPTalonecangeneratetextinmultiplelanguages,includingSpanish,Russian,Arabic,German,andJapanese.
Furthermore,theabilityforattackerstousepreviousconversationhistory,oftenaccessedthroughacompromisedemailaccount,canenablegenerativeAItocontinueconversationsthatappeartocomefromarealuser.Havingtheabilitytoreferencepreviousinformationin-threadorsoundexactlyliketheimpersonateduseronlyincreasesthelikelihoodthatthetargetwillfallvictimtotheattack.
5
©2023AbnormalSecurityCorporation.Allrightsreserved.
CISOGuidetoGenerativeAIAttacks
AReal-WorldAttackExample
DespitethefactthatChatGPThasonlybeenavailableforafewmonths,cybercriminalsarealreadystartingtouseitforattacks.AbnormalSecurityrecentlydetectedanumberofattackscreatedbygenerativeAItools—mostlyusedincredentialphishingcampaigns.
Unfortunately,theseattacksarenearlyimpossibletodetectbytheaverageenduser.Asyoucansee,thereareanumberofthingsthatmakethisemaillookextremelylegitimate.
Subject:Importantnotice:YourFacebookPageisatriskofbeingdisabledSender:MetaforBusiness<facebookpagereport@>
To:MichaelBamen<mbamen@>RECIPIENTDate:May3,2023,1:10pmET
Hello,
PerfectGrammar
Unlikethephishingemails
ofthepast,thereisnota
singlemisspelledwordor
grammaticalerrorinthis
lengthyemail.
WeregrettoinformyouthatyourFacebookPagehasbeenfoundinviolationofourcommu-
nitystandardsandpolicies.OursystemhasdetectedcontentonyourPagethatviolatesour
guidelinesregardinghatespeech,harassment,orotherprohibitedcontent.
Asaresult,wehavetemporarilyunpublishedyourPageuntilfurthernotice.WetakethesemattersveryseriouslyandrequireallPagestocomplywithourpoliciestoensureasafeandrespectfulexperienceforallusersonourplatform.
"Confirm"buttonbelow.REQUEST/ENGAGE
Ifyoubelievethatthisactionwastakeninerror,youmaysubmitanappealbyclickingonthe
Oursupportteamwillreviewyourappealand
providefurtherguidanceonhowtoresolvethismatter.
RelevantTopic
Theemailhasbeensentto
theadminofthecompany’s
FacebookPage,stating
ConfirmSUSPICIOUSLINK
thatthePagehasbeentemporarilyunpublished.
Ourteamwillreviewyourappealassoonaspossibleandprovideyouwithanupdateonthestatusofyourpage.Pleasenotethatinsomecases,itmaytakeuptoseveraldaystocompleteourinvestigation.
Thankyouforyourunderstandingandcooperationinthismatter.Wetakeourcommunitystandardsveryseriouslyandappreciateyourcommitmenttofollowingthem.
Bestregards,
TheFacebookTeam
Thismessageisanautomatedemail.Pleasedonotreply.
MetaPlatforms.229ParkAveS,NewYork,NY10007
UrgentInstructions
Usingatoneexpectedofa
business,theemailstates
thattherecipientshould
clickontheincludedlinkto
fileanappeal.
Iftherecipientweretoreceivethisemail,theywouldbemuchmorelikelytoclickthelinkthanifthisemailhadnotbeengeneratedbyAI.Thefactthatthisemailissowell-craftedmakesitmoredifficulttodetectbyhumans,underscoringtheincreasedneedforemailsecuritythatcanuseothersignalstodetectandblockthesewell-writtenandconvincingattacks.
6
©2023AbnormalSecurityCorporation.Allrightsreserved.
Instructions
Attack-Specific
Information
EmailThreadHistory
CISOGuidetoGenerativeAIAttacks
ThePotentialforMore
ComplexAttacks
Advancedphishingattacksaren’tanythingnew,butwithgenerativeAI,thereisanevengreaterthreatpotential.Imaginehoweasyitcouldbetocreateanattack(atmassivescale)usingsimpleinstructions.Forexample,let’sassumethatanattackerhasgainedaccesstoanemailaccountatavendororganizationandhasaccesstoprioremailthreadhistory.Byknowingwhothecompromisedusertypicallycommunicateswith,andknowingwhatthatcommunicationtypicallylookslike,theattackercancreateaverysophisticatedemailinamatterofseconds.
ThecybercriminalonlyhastoprovideatoollikeChatGPTwiththreeelementstocreateapersonalizedemailattack:instructions,attack-specificinformation,andtheemailthreadhistory.
Belowthereareinstructionsforyouandanemailconversation.
-Pleasewriteanemailresposeforperson1toaskperson2toupdatetheiraccountspayablesystemwiththenewbankaccountandroutingnumber.
-Theemailshouldbebrief,shouldsoundcasual,sincere,andpersonal(refer-encingthelastcorrespondence)
-Makesuretotellperson2thatiftheyhaveanyquestionstotextyou
Informationforyou:
Person1:LuciaForeman,AccountsReceivableManageratProliaSystemsPerson2:ReneeWest,VPofTreasuryatC
BankAccount:123
RoutingNumber:456
Person1cellphonenumber:123-456-7890
PreviousEmailConversation:
OnFriday,Dec3at8:58AMESTReneeWest<renee.west@>wrote:
HiLucia,thanksforconfirming.Iapplogizeforthedelayedresponse,inSanFranciscoithasbeenrainingalotsoI’vebeenabitsick.
Haveagreatweekend!
Cordially,
Renee
OnFriday,Dec3at8:33AMESTLuciaForeman<luciaforeman@proliasys->wrote:
HiRenee,
Justwantedtoconfirmwereceivedyourlatestpayment.Sorryaboutthehiccupandasalways,don’thesitatetoletusknowifthere’sanythingelseyouneed.
Best,
Lucia
7
©2023AbnormalSecurityCorporation.Allrightsreserved.
Subject:Requesttoupdateaccountspayablesystem
DearRenee,
Ihopeyou’refeelingbetterandtherainhasstoppedinSanFrancisco.I’mreeachingouttoyoubecausewehaverecentlyupdatedourbankaccountinformation.Ournewaccountnumberis123androutingnumberis456.
Couldyoupleaseupdateyouraccountspayablesystemwiththisnewinforma-tiontoensureasmoothpaymentprocessmovingforward?Ifyouhaveanyquestions,pleasedon’thesitatetotextmeat123-456-7890.
Thankyouforyourpromptattentiontothismatter.Weappreciateyourpartner-shipandhopeyouhaveagreatweek.
Bestregards,
LuciaForeman
AccountsReceivableManager
ProliaSystems
Usingthismethod,it’spossibleforevennon-technicalattackerstoautomaticallygeneratethousandsofpersonalizedattacks,indistinguishablefromnormalbusinesscommunications.Andunfortunately,ifthisemailweretolandinthetarget’sinbox,itislikelytoworkduetothetrustedrelationshipandpersonalizedcontent.
8
CISOGuidetoGenerativeAIAttacks
Withthistypeofinput,atoollikeChatGPTcanprovidean
extremelyconvincingemailthatwouldcontainabsolutely
zerotraditionalindicatorsofcompromiselikemalicious
attachmentsorasuspiciouslink.Itevenreferencesthe
previousconversationhistorytoappearlegitimate.
©2023AbnormalSecurityCorporation.Allrightsreserved.
CISOGuidetoGenerativeAIAttacks
HowtoStopEmailAttacks
GeneratedbyAI
Tocounterthesehigh-volumeandhighly-sophisticatedemailattacks,organizationsneedtherightemailsecurityplatform.Thenext-generationplatformincludestheuseofgoodAItocombatbadAI,aswellasthefollowingelements:
BehavioralDataScienceApproach
ThesolutionshoulduseafundamentallydifferentapproachthatleveragesbehavioraldatascienceandAItoprofileandbaselinegoodbehavioranddetectanomalies.Itshoulduseidentitymodeling,behavioralandrelationshipgraphs,anddeepcontentanalysistoidentifyandstopemailsthatappearsuspicious,andincludetheabilitytodetectwhethertheemailwascreatedusinggenerativeAImodels.
APIArchitectureandIntegrations
AsolutionthatconnectstoMicrosoft365andGoogleWorkspaceviaanAPIandindoingso,providesaccesstothesignalsanddataneededtodetectsuspiciousactivity.Thisincludesunusualgeolocations,dangerousIPaddresses,changesinmailfilterrules,unusualdevicelogins,andmore.Moreadvancedsolutionscanalsoconnecttootherapplications,includingSlack,Okta,Zoom,andCrowdStrike,tounderstandidentityanddetectmulti-channelattacks.
OrganizationalandSupplyChainInsights
Asolutionthatunderstandsbothformalandinformalorganizationalhierarchyandmapsinternalandcross-organizationalrelationshipstounderstandtypicalcommunicationpatternsandbehavior.Itshouldincludeafocusonvendorrelationshipstoprotectagainstbusinessemailcompromise,accounttakeovers,andothertypesoffraudthroughoutthesupplychain.
Withthesecapabilities,thesolutioncanusethousandsofsignalstodetectanomalousbehaviorsothatattackscreatedbygenerativeAIwillbestoppedbeforetheyreachtheinbox.
9
©2023AbnormalSecurityCorporation.Allrightsreserved.
TheproliferationoftoolslikeChatGPTandGoogleBardhasmadeitpossibleforbadactorstoincreasethevolumeandsophisticationoftheirattacksseeminglyovernight.Withtheabilitytocreatewell-writtenan
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 急诊科MRI检查意外现场处置方案演练脚本
- 2025-2026学年一个数除以分数教学设计
- 2025-2026学年音乐教学设计简笔画小学
- 2025-2026学年素描画基础训练教学设计
- 2025-2026学年清姬纹身手稿教学设计
- 方剂学章节试题及答案
- 2025-2026学年汕头围棋教学游戏设计
- 2026年教师个人总结思想上(3篇)
- 医务人员“三基”培训计划(2篇)
- 滑坡治理抗滑桩施工方案及技术措施
- 2025年初级会计职称《经济法基础》精讲课件第1-4章
- 认证风险的管理制度
- 2024-2025学年江苏省徐州市树人初级中学七年级上学期数学招生考试试卷
- 人事行政部半年度工作总结
- 2025冻品类产品独家代理合作协议范本
- 2025四川国家公务员行测考试真题及答案
- 2025年三力老人测试题及答案
- 2024版电网典型设计10kV配电站房分册
- 招标采购专家管理办法
- 广东研学实践活动方案
- 移动升降车培训考试试题及答案
评论
0/150
提交评论