AI Threats to Information Security

 

AI threats to information security are surging, with cybercrime increasing significantly in many regions and sectors across the globe including South Africa.

AI brings many productivity benefits to businesses, in particular generating content, code and more. While most organisations are striving to ensure the ethical and responsibly use of AI, there is a very concerning element of misuse growing.   

Cyber criminals are increasingly using (AI) to carry out attacks that are faster, more advanced and harder to detect. From AI-generated phishing emails that impersonate trusted contacts, to automated tools that scan for and exploit software vulnerabilities, the threat landscape is evolving rapidly.

According to the UK Information Commissions Office, (ICO) there are seven primary AI-powered threats facing organisations. It is important to understand them and to adopt layers of defence to counter them as foundational security alone is not enough.  

Estate managers and service providers (Operators) need to know what they are up against and what defence mechanisms they need to implement to counter these with AI threats to information security. 

Know what you’re up against

Horison scanning and understanding potential threats is the foundation of effective security. The main AI-powered risks facing organisations include:

  • AI-enhanced phishing: attackers use AI to generate highly convincing, personalised messages impersonating colleagues, clients or trusted suppliers.
  • Deepfake social engineering: AI-generated audio and video can be used to impersonate colleagues or IT staff to trick employees into resetting credentials or granting system access.
  • Automated vulnerability scanning and exploitation: AI tools can rapidly scan systems, identify weaknesses and launch targeted attacks.
  • AI-powered malware: malicious code that adapts its behaviour in real time to evade detection by conventional antivirus and security tools.
  • Credential stuffing and password attacks: AI accelerates brute-force and credential stuffing attacks, making weak or reused passwords more vulnerable.
  • Data poisoning: where AI models are used in your services, attackers may attempt to corrupt training data or manipulate model outputs to cause harm or extract sensitive data.
  • Indirect prompt injection attacks: where malicious instructions are embedded in external content that an AI system processes and misinterprets as legitimate commands. This includes tool poisoning, where this is hidden within the metadata of tools that an AI agent interacts with. 

Get the basics right and layer your defences

Most successful cyber attacks exploit basic security failures. We acknowledge that most organisations have appropriate and reasonable technical and organisational controls in place.  

But when it comes to AI-powered threats, foundational security alone is not enough. Layers of defence are essential, such as multiple controls so that if one fails, others contain the damage. 

AI tools identify and exploit known vulnerabilities at speed, so make sure there is a solid patching and updating process in place so that available security fixes are applied in a timely manner. In addition to this, there are several layers needed to strengthen your defences including: 

Restrict Access points

Weak access points are a primary target for cyber attacks, and that includes your third-party suppliers.

Improve your detection, monitoring and incident response

You should implement comprehensive security monitoring for suspicious activity such as unusual login patterns, unexpected data transfers, and abnormal API usage, as well as regularly identify weaknesses through vulnerability scanning and penetration testing

Protect Personal Information

AI-powered attacks increasingly target personal  information, which can also be used to facilitate further attacks. 

Depending on your organisation, measures could include:

  • Data minimisation and storage limitation: only collect and retain the personal data you genuinely need. The less you hold, the less there is to steal.
  • Data audits: regularly audit what personal data you hold, where it is stored and who has access to it. AI tools that process or are trained on personal data require particular attention.
  • Staff awareness: train staff to recognise AI-powered social engineering attacks such as AI-generated phishing, voice cloning and deepfake techniques. Training should be regular and updated to reflect the current threat landscape.
  • Encryption and pseudonymisation. You could also consider encryption and pseudonymisation to reduce the impact of a breach.

None of this is new, but AI brings a renewed urgency and greater speed

For more information, please contact us or attend one of our Information and Cybersecurity Training Workshops

The primary source of this post is the UK Information Commissioners Office (ICO) @ https://ico.org.uk/