- Attackers can build bigger campaigns faster with generative AI
- They’re also attacking enterprise agentic AI tools
- Humans are still a major weak point
New research from CrowdStrike confirms that hackers are exploiting AI to help them deliver more aggressive attacks in less time, with the tech also giving lesser-skilled hackers access to more advanced code.
Beyond this, attackers are also exploiting the same AI systems that enterprises use: according to CrowdStrike, hackers are targeting the tools used to build AI agents, allowing them to gain access, steal credentials, and deploy malware.
CrowdStrike is most worried about agentic AI systems, suggesting that they’ve now become a “core part of the enterprise attack surface.”
Attackers are homing in on enterprise AI
The security company says it observed “multiple” hackers exploiting vulnerabilities in the tools used to build AI agents, which marks a major shift from patterns of old. Until now, humans have almost always been the primary entry point into a company, but now, CrowdStrike is worried that “autonomous workflows and non-human identities [are] the next frontier of adversary exploitation.”
“We’re seeing threat actors use GenAI to scale social engineering, accelerate operations, and lower the barrier to entry for hands-on-keyboard intrusions,” Head of Counter Adversary Operations Adam Meyers explained.
Funklocker and SparkCat are two examples of GenAI-built malware in the real world, while DPRK-nexus Famous Chollima has also been observed using generative AI to automate its insider attack program across all phases. Scattered Spider, a group believed to consist of UK and US nationals, even managed to deploy ransomware within 24 hours of accessing systems.
“Adversaries are treating these agents like infrastructure, attacking them the same way they target SaaS platforms, cloud consoles, and privileged accounts,” Meyers added.
Still, even though technologies like AI are playing an increasing role in speeding up attacks, CrowdStrike found that four in five (81%) interactive intrusions were malware-free – relying on human hands on keyboards to stay undetected.