版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
Thenear-termimpactofAIonthecyberthreat
AnNCSCassessmentfocusingonhowAIwillimpacttheefficacyofcyber
operationsandtheimplicationsforthecyberthreatoverthenexttwoyears.
UKCyberPolicycomment
DuringtheBletchleyAISafetySummitinNovember2023,internationalleaderscame
togethertodiscussthevastpotentialofAImodelsinpromotingeconomicgrowth,
propellingscientificadvances,andprovidingawiderangeofpublicbenefits.TheyalsounderscoredthesecurityrisksthatcouldarisefromtheirresponsibledevelopmentanduseofAItechnologies.TheUKgovernmentisevaluatingandaddressingthepotentialthreatsandrisksassociatedwithAI.
WhileitisessentialtofocusontherisksposedbyAI,wemustalsoseizethesubstantialopportunitiesitpresentstocyberdefenders.Forexample,AIcanimprovethedetectionandtriageofcyberattacksandidentifymaliciousemailsandphishingcampaigns,
ultimatelymakingthemeasiertocounteract.
TheSummitDeclarationhighlightedtheimportanceofensuringthatAIisdesigned,
developed,deployed,andusedinamannerthatissafe,human-centric,trustworthy,andresponsibleforthebenefitofall.TheNCSCcontinuestoworkwithinternationalpartnersandindustrytoprovideguidanceonthesecuredevelopmentanduseofAI,sothatwe
canrealisethebenefitsthatAIofferstosociety,publishing
GuidelinesforSecureAI
SystemDevelopment
inNovember2023.
NCSCAssessment
NCSCAssessment(NCSC-A)istheauthoritativevoiceonthecyberthreattotheUK.Wefuseall-sourceinformation–classifiedintelligence,industryknowledge,academicmaterialandopensource–toprovideindependentkeyjudgementsthatinformpolicydecisionmakingandimproveUKcybersecurity.Wework
closelywithgovernment,industryandinternationalpartnersforexpertinputintoourassessments.
.uk/report/impact-of-ai-on-cyber-threat
1/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
NCSC-AispartoftheProfessionalHeadsofIntelligenceAssessment(PHIA).PHIA
leadsthedevelopmentoftheprofessionthroughanalyticaltradecraft,professionalstandards,andbuildingandsustainingacross-governmentcommunity.
Thisreportusesformalprobabilisticlanguage(seeyardstick)fromNCSC-A
producttoinformreadersaboutthenear-termimpactonthecyberthreatfromAI.TolearnmoreaboutNCSC-A,pleasecontact
enquiries@.uk
.
Howlikelyisa'realisticpossibility'?
ProfessionalHeadofIntelligenceAssessment(PHIA)probabilityyardstick
NCSCAssessmentusesthePHIAprobabilityyardstickeverytimewemakeanassessment,judgement,orprediction.Thetermsusedcorrespondtothe
likelihoodrangesbelow:
Keyjudgements
·Artificialintelligence(AI)willalmostcertainlyincreasethevolumeandheightentheimpactofcyberattacksoverthenexttwoyears.However,theimpactonthecyberthreatwillbeuneven(
seetable1
).
.uk/report/impact-of-ai-on-cyber-threat
2/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
·Thethreatto2025comesfromevolutionandenhancementofexistingtactics,techniquesandprocedures(TTPs).
·Alltypesofcyberthreatactor–stateandnon-state,skilledandlessskilled
–arealreadyusingAI,tovaryingdegrees.
·AIprovidescapabilityupliftinreconnaissanceandsocialengineering,
almostcertainlymakingbothmoreeffective,efficient,andhardertodetect.
·MoresophisticatedusesofAIincyberoperationsarehighlylikelytobe
restrictedtothreatactorswithaccesstoqualitytrainingdata,significantexpertise(inbothAIandcyber),andresources.Moreadvancedusesareunlikelytoberealisedbefore2025.
·AIwillalmostcertainlymakecyberattacksagainsttheUKmoreimpactful
becausethreatactorswillbeabletoanalyseexfiltrateddatafasterandmoreeffectively,anduseittotrainAImodels.
·AIlowersthebarrierfornovicecybercriminals,hackers-for-hireand
hacktiviststocarryouteffectiveaccessandinformationgathering
operations.Thisenhancedaccesswilllikelycontributetotheglobalransomwarethreatoverthenexttwoyears.
·Movingtowards2025andbeyond,commoditisationofAI-enabledcapabilityincriminalandcommercialmarketswillalmostcertainlymakeimproved
capabilityavailabletocybercrimeandstateactors.
Context
ThisassessmentfocusesonhowAIwillimpacttheeffectivenessofcyber
operationsandtheimplicationsforthecyberthreatoverthenexttwoyears.It
doesnotaddressthecybersecuritythreattoAItools,northecybersecurityrisksofincorporatingthemintosystemarchitecture.
TheassessmentassumesnosignificantbreakthroughintransformativeAIinthistimeperiod.Thisassumptionshouldbekeptunderreview,asanybreakthrough
couldhavesignificantimplicationsformalwareandzero-dayexploitdevelopmentandthereforethecyberthreat.
.uk/report/impact-of-ai-on-cyber-threat
3/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
TheimpactofAIonthecyberthreatwillbeoffsetbytheuseofAItoenhance
cybersecurityresiliencethroughdetectionandimprovedsecuritybydesign.
MoreworkisrequiredtounderstandtheextenttowhichAIdevelopmentsincybersecuritywilllimitthethreatimpact.
Assessment
1.TheimpactofAIonthecyberthreatisuneven;bothintermsofitsusebycyberthreatactorsandintermsofupliftincapability.
2.Table1:ExtentofcapabilityupliftcausedbyAIovernexttwoyears.
.uk/report/impact-of-ai-on-cyber-threat
4/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
Highlycapable
statethreatactors
Capablestateactors,commercialcompaniessellingtostates,
organisedcybercrime
groups
Less-skilledhackers-for-hire,opportunisticcybercriminals,
hacktivists
Intent
High
High
Opportunistic
Capability
HighlyskilledinAIandcyber,wellresourced
Skilledincyber,someresourceconstraints
Novicecyberskills,limitedresource
Reconnaissance
Moderateuplift
Moderateuplift
Uplift
Social
engineering,phishing,
passwords
Uplift
Uplift
Significantuplift(fromlowbase)
Tools(malware,exploits)
Realisticpossibilityofuplift
Minimaluplift
Moderateuplift(fromlowbase)
Lateralmovement
Minimaluplift
Minimaluplift
Nouplift
Exfiltration
Uplift
Uplift
Uplift
Implications
Bestplacedto
harnessAI'spotentialinadvancedcyber
operationsagainst
networks,forexampleuseinadvanced
malwaregeneration.
Mostcapabilityupliftinreconnaissance,socialengineeringand
exfiltration.WillproliferateAI-enabledtoolstonovicecyberactors.
Lowerbarriertoentrytoeffectiveandscalableaccessoperations-
increasingvolumeof
successfulcompromise
ofdevicesandaccounts.
KEY:MINIMALUPLIFT囚MODERATEUPLIFT囚UPLIFT囚SIGNIFICANTUPLIFT
3.AIwillprimarilyofferthreatactorscapabilityupliftinsocialengineering.
GenerativeAI(GenAI)canalreadybeusedtoenableconvincinginteractionwithvictims,includingthecreationofluredocuments,withoutthe
translation,spellingandgrammaticalmistakesthatoftenrevealphishing.Thiswillhighlylikelyincreaseoverthenexttwoyearsasmodelsevolveanduptakeincreases.
.uk/report/impact-of-ai-on-cyber-threat
5/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
4.AI’sabilitytosummarisedataatpacewillalsohighlylikelyenablethreatactorstoidentifyhigh-valueassetsforexaminationandexfiltration,
enhancingthevalueandimpactofcyberattacksoverthenexttwoyears.
5.Threatactors,includingransomwareactors,arealreadyusingAItoincreasetheefficiencyandeffectivenessofaspectsofcyberoperations,suchas
reconnaissance,phishingandcoding.Thistrendwillalmostcertainly
continueto2025andbeyond.Phishing,typicallyaimedeitheratdelivering
malwareorstealingpasswordinformation,playsanimportantrolein
providingtheinitialnetworkaccessesthatcybercriminalsneedtocarryoutransomwareattacksorothercybercrime.Itisthereforelikelythatcyber
criminaluseofavailableAImodelstoimproveaccesswillcontributetotheglobalransomwarethreatinthenearterm.
6.AIislikelytoassistwithmalwareandexploitdevelopment,vulnerability
researchandlateralmovementbymakingexistingtechniquesmore
efficient.However,inthenearterm,theseareaswillcontinuetorelyon
humanexpertise,meaningthatanylimitedupliftwillhighlylikelyberestrictedtoexistingthreatactorsthatarealreadycapable.AIhasthepotentialto
generatemalwarethatcouldevadedetectionbycurrentsecurityfilters,butonlyifitistrainedonqualityexploitdata.Thereisarealisticpossibilitythat
highlycapablestateshaverepositoriesofmalwarethatarelargeenoughtoeffectivelytrainanAImodelforthispurpose.
7.Cyberresiliencechallengeswillbecomemoreacuteasthetechnology
develops.To2025,GenAIandlargelanguagemodels(LLMs)willmakeit
difficultforeveryone,regardlessoftheirlevelofcybersecurity
understanding,toassesswhetheranemailorpasswordresetrequestis
genuine,ortoidentifyphishing,spoofingorsocialengineeringattempts.Thetimebetweenreleaseofsecurityupdatestofixnewlyidentified
vulnerabilitiesandthreatactorsexploitingunpatchedsoftwareisalreadyreducing.Thishasexacerbatedthechallengefornetworkmanagersto
patchknownvulnerabilitiesbeforetheycanbeexploited.AIishighlylikelytoacceleratethischallengeasreconnaissancetoidentifyvulnerabledevicesbecomesquickerandmoreprecise.
8.Expertise,equipment,timeandfinancialresourcingarecurrentlycrucialtoharnessmoreadvancedusesofAIincyberoperations.Onlythosewho
.uk/report/impact-of-ai-on-cyber-threat
6/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
investinAI,havetheresourcesandexpertise,andhaveaccesstoqualitydatawillbenefitfromitsuseinsophisticatedcyberattacksto2025.Highlycapablestateactorsarealmostcertainlybestplacedamongstcyber
threatactorstoharnessthepotentialofAIinadvancedcyberoperations.Otherstateactorsandmostcommercialcompaniesthatoffercapabilitytostatesworldwidewillgainmoderatecapabilityupliftoverthenext
eighteenmonthsinsocialengineering,reconnaissanceandexfiltration.Capableandestablishedcriminalgroupsarealsolikelytohaveenoughtrainingdataandresourcetogainsomeuplift.
9.However,itisarealisticpossibilitythatthesefactorsmaybecomeless
importantovertime,asmoresophisticatedAImodelsproliferateand
uptakeincreases.PubliclyavailableAImodelsalreadylargelyremovethe
needforactorstocreatetheirownreplicatechnologies,especiallyinlow-sophisticationoperationssuchasspear-phishing.Less-skilledcyberactorswillalmostcertainlybenefitfromsignificantcapabilityupliftsinthistypeofoperationto2025.Commoditisationofcybercrimecapability,forexample‘as-a-service’businessmodels,makesitalmostcertainthatcapable
groupswillmonetiseAI-enabledcybertools,makingimprovedcapabilityavailabletoanyonewillingtopay.
10.To2025,trainingAIonqualitydatawillremaincrucialforitseffectiveuseincyberoperations.Thescalingbarriersforautomatedreconnaissanceof
targets,socialengineeringandmalwareareallprimarilyrelatedtodata.Butto2025andbeyond,assuccessfulexfiltrationsoccur,thedatafeedingAIwillalmostcertainlyimprove,enablingfaster,moreprecisecyberoperations.
11.Increasesinthevolumeandheightenedcomplexityandimpactofcyber
operationswillindicatethatthreatactorshavebeenabletoeffectively
harnessAI.ThiswillhighlylikelyintensifyUKcyberresiliencechallengesintheneartermforUKgovernmentandtheprivatesector.
Glossary
Artificialintelligence
.uk/report/impact-of-ai-on-cyber-threat
7/8
3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK
Computersystemswhichcanperformtasksusuallyrequiringhumanintelligence.Thiscouldin
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 中国化妆品级滑石粉质量控制与行业规范发展报告
- 中国会展赞助市场发展与价值变现策略报告
- 中国会展设计创意产业发展与市场价值分析报告
- 中国会展绿色认证体系与环保标准实施分析报告
- 金融行业Java开发面试高频问题及答案
- 2026逻辑画图面试题及答案
- 2026营地教育面试题及答案
- 2026文案策划面试题及答案
- 2025-2026学年六年级语文要素教学设计
- 2025-2026学年幼儿民族教案封面
- 工抵房定金合同范本
- 校园安全从我做起
- 2024年9月21日九江市五类人员面试真题及答案解析
- 项目部管理人员节后复工安全教育
- 2025年人力资源管理师(二级)案例分析专项训练试卷及答案
- 2025年-2023版思想道德与法治课件南开第一章 领悟人生真谛 把握人生方向-新版
- 吊装安全培训课件
- 2026年益阳师范高等专科学校单招职业技能测试必刷测试卷及答案1套
- 2025年临床执业助理医师资格考试真题试卷(+答案)
- 2025年贵州遵义市中考英语考试真题带答案
- 建设单位与勘察单位安全生产责任书
评论
0/150
提交评论