A look at the development of current threats to cybersecurity, part 2. Piece intelligence

20 May 2025

Artificial Intelligence Offers an «Easy Button» for Cybercriminals
Cybercriminals continue to weaponize artificial intelligence and exploit it for illicit purposes. Attackers are increasingly using AI to scale up and accelerate the speed and volume of their operations. From more efficient data harvesting to leveraging large language models (LLMs) and crafting phishing messages that are more realistic than ever, both seasoned and novice threat actors are relying on AI as an “easy button” to streamline their efforts. Last year, forecasts indicated that cybercriminals would adopt AI in various ways – from conducting generative profiling to enabling password spraying attacks.

Examples of how cybercriminals are using artificial intelligence in their operations:
Automated Phishing Campaigns
Example: Threat actors use LLMs to generate highly convincing phishing emails with flawless grammar and context-aware personalization. These AI-generated messages can mimic the writing style of known contacts, making them difficult to distinguish from legitimate communications.
Impact: This tactic increases the success rate of targeted phishing campaigns by bypassing common red flags that typically alert users to fraudulent emails.
Generative Profiling for Social Engineering
Example: LLMs assist attackers in creating detailed social engineering profiles by analyzing social media posts, publicly available data, and other online content. By synthesizing this information, adversaries can tailor their messages to the victim’s interests, work relationships, and recent activities.
Impact: The accuracy of AI-enhanced profiles raises the likelihood that targets will trust and engage with attackers, resulting in higher rates of credential theft or unauthorized data access.
AI-Powered Password Spraying
Example: AI can be used to analyze patterns in commonly used passwords and more effectively guess variations. LLMs trained on large datasets of leaked credentials can generate realistic password lists tailored to the user base of the target organization.
Impact: These AI-optimized attacks can evade traditional rate-limiting and lockout mechanisms by distributing attempts across multiple accounts and adapting techniques to minimize detection.
Voice Phishing Using Deepfakes (Vishing)
Example: Adversaries have used deep learning models to generate synthetic voices that replicate the tone and speech patterns of specific individuals. For instance, an attacker might impersonate an executive to convince an employee to perform unauthorized financial transactions or disclose sensitive information.
Impact: The realism of deepfake voice technology makes it harder for employees to detect fraudulent requests, potentially leading to significant financial and reputational damage.
Improving malware creation
Example: LLMs can help generate polymorphic malware that changes its code structure to evade signature-based detection. Attackers can also use these models to write new code snippets or improve existing malware to make it more efficient and stealthy.
Impact: This accelerates the development of advanced malware variants and lowers the technical barrier for less-skilled attackers, increasing the overall volume of malware in circulation.
AI-Generated Disinformation Campaigns
Example: Cybercriminals use LLMs to create and distribute disinformation at scale. This includes fabricating fake news articles, social media posts, and comments to influence public opinion or incite panic during critical events such as elections or health crises.
Impact: Disinformation campaigns can damage reputations, erode trust in institutions, and provoke social unrest. The ability to automate content creation allows attackers to flood information channels, overwhelming fact-checkers and response teams.

As adversaries become more comfortable using AI to enhance their efforts, adoption is expected to accelerate. Cybercriminal groups will use AI to assist in even more activities, such as identifying new vulnerabilities in software code that they can exploit.

📷
Тенденції розвитку систем накопичення електроенергії: виклики, технології та перспективи 📷
📷
Читати більше новин
EN