Can AI be sneakier than humans?

robot keyboard

We've all heard about how AI is being used to improve cyberattacks, by creating better phishing emails for example, but does AI really have the same potential for being sneaky as humans?

New research from IBM X-Force has set out to answer the question, ‘Do the current Generative AI models have the same deceptive abilities as the human mind?’

Stephanie Carruthers, IBM's chief people hacker, writes on the company's blog, "With only five simple prompts we were able to trick a generative AI model to develop highly convincing phishing emails in just 5 minutes -- the same time it takes me to brew a cup of coffee. It generally takes my team about 16 hours to build a phishing email, that’s without factoring in the infrastructure set-up. So, attackers can potentially save nearly two days of work by using Generative AI models. And the AI-generated phish was so convincing that it nearly beat the one crafted by experienced social engineers, but the fact that it’s even that on par, is an important development."

See also:

The researchers asked ChatGPT to look at the primary areas of concern for employees in particular industries, then select the social engineering and marketing techniques to use, and who best to impersonate within the business. Using this information it then generated a phishing email. X-Force Red social engineers were set the same task and also came up with a phishing email.

After testing where both messages were sent to over 800 employees at a global healthcare organization, the human-generated message achieved a higher click rate, gut only by a small margin (AI 11 percent, humans 14 percent).

Carruthers concludes, "The emergence of AI in phishing attacks challenges us to reevaluate our approaches to cybersecurity. By embracing these recommendations and staying vigilant in the face of evolving threats, we can strengthen our defenses, protect our enterprises, and ensure the security of our data and people in today's dynamic digital age."

You can find out more on the X-Force blog.

Photo Credit: Willyam Bradberry/Shutterstock

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.