Header image

Mikko: Offensive AI Attack Capabilities Increasing to Unknown Levels

The next revolution will be one out of control of humans.

The next revolution will not be built by humans, but will be built by AI.

Speaking at the With Secure ‘Sphere’ conference in Helsinki, chief research officer Mikko looked at ten years ago, when the concern was about Flash exploits and Drive-by Downloads and watering hole attacks where browsers executed code and infected users.

However this was killed off by the introduction of the Google Chrome browser in 2015 and with the greater use of closed operating systems, like on the Apple iPad, “we were in good shape, not winning, but it was not all bad news.” This is because computer systems, architecture “and the security provided by cybersecurity companies like ours is in better shape than it has ever been.”

Attackers improved though, and improved their attacks, and users now worry about ransomware, DDoS attacks taking down online shops, data breaches and business email compromises claiming to be a CFO, and as well as these concerns “AI keeps popping up, and for good reason.”

A New Revolution

Hypponen said that technology revolutions bring changes, and we saw it with both mobile and connectivity, “and it changes for better and worse.” Saying that “connectivity changed the world” and AI “will change world in even more in ways we can’t imagine.”

He said: “We tend to overestimate and underestimate the size of the revolution, and I think that will happen with AI as well."

He pointed to the possibilities of what could be built with AI, but admitted that there will be nefarious possibilities. “With new technology you can detect anomalous things.and build a vision or view of what a normal day looks like - where is the data flowing and look for abnormal things, such as why laptop wakes up at 4am and alert clients to a breach before it becomes a catastrophe,” he said.

Calling the AI revolution, the first revolution “we’ve built which has capability to improve itself,” Hypponen said AI could compile code, run a new version and tell that new version “this is your source code” and instruct it make an improvement, and repeat a billion times and end up with something we have no understanding of.

Threats of AI

Looking at the popular concerns about AI use, Hypponen said he doubts claims about how dangerous deepfakes have been to date, and scams are usually made at a consumer level and operated by humans.

However large language machine (LLM) malware will be a big deal, as will ‘automisation’ of malware campaigns. “This will drastically change the reaction speed of attackers, and all companies like us use AI and machine learning to react, but attackers have not automated their part - we have an edge and are better at this, but we hope we are better and could find out tomorrow.”

He also pointed at the capability of AI to find zero-days, which he said is “close to being able to be done today” and as LLMs speak all computing languages and read all Github code, the next step would be to give binary code to an LLM, where it could decode and understand a program and find bugs, and write code to exploit it.

“Then you have unlimited zero days and it is great if you find them in your own code, and awful if others do,”

He concluded by saying that “technology revolutions have upsides and downsides, and we cannot choose the benefit: we will get the downsides if we like them or not.”

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.