AI Is Reshaping Hacking. No One Agrees How Fast

"Several cybersecurity companies debuted advancements in AI agents at the Black Hat conference last week," reports Axios, "signaling that cyber defenders could soon have the tools to catch up to adversarial hackers." - Microsoft shared details about a prototype for a new agent that can automatically detect malware — although it's able to detect only 24% of malicious files as of now.

- Trend Micro released new AI-driven "digital twin" capabilities that let companies simulate real-world cyber threats in a safe environment walled off from their actual systems.

- Several companies and research teams also publicly released open-source tools that can automatically identify and patch vulnerabilities as part of the government-backed AI Cyber Challenge.

Yes, but: Threat actors are now using those AI-enabled tools to speed up reconnaissance and dream up brand-new attack vectors for targeting each company, John Watters, CEO of iCounter and a former Mandiant executive, told Axios.
The article notes "two competing narratives about how AI is transforming the threat landscape." One says defenders still have the upper hand. Cybercriminals lack the money and computing resources to build out AI-powered tools, and large language models have clear limitations in their ability to carry out offensive strikes. This leaves defenders with time to tap AI's potential for themselves. [In a DEF CON presentation a member of Anthropic's red team said its Claude AI model will "soon" be able to perform at the level of a senior security researcher, the article notes later]

Then there's the darker view. Cybercriminals are already leaning on open-source LLMs to build tools that can scan internet-connected devices to see if they have vulnerabilities, discover zero-day bugs, and write malware. They're only going to get better, and quickly...

Right now, models aren't the best at making human-like judgments, such as recognizing when legitimate tools are being abused for malicious purposes. And running a series of AI agents will require cybercriminals and nation-states to have enough resources to pay the cloud bills they rack up, Michael Sikorski, CTO of Palo Alto Networks' Unit 42 threat research team, told Axios. But LLMs are improving rapidly. Sikorski predicts that malicious hackers will use a victim organization's own AI agents to launch an attack after breaking into their infrastructure.

Or do they?

[Gravis Zero]

If everyone agrees that "AI Is reshaping hacking" then it is logical to conclude that everyone agrees it's occurring at a pace faster than zero. </technically correct>

The options are:

[Tablizer]

1. Not very effective
2. Fairly effective but not revolutionary
3. Fairly effective but on pace to be a global threat in 15 years
4. Shit, buy Twinkies nooow!!!

Re:

[gweihir]

Not in 15 years and not "Twinkies". But in the next 3-5 years, as soon as the malware enterprises get their LLMs done and the toolsets around them adjusted. The "lab-demo" stage is already partially concluded. And most major players (Microsoft, ...) are not prepared at all.

Re:Or do they?

[Tony Isaac]

A few decades ago, "script kiddies" were able to break into systems without really knowing what they were doing, they just copied and pasted hacking techniques. Antivirus technologies quickly shut them down.

Now, AI feeds a new generate of "script kiddies" who don't really know what they're doing, but AI fills in many of their gaps, and may even power automated tools. It does seem like the next evolution of the arms race.

Scary? Not really any more scary than before, but still, the next evolution.

Re:

[fuzzyfuzzyfungus]

Script kiddies never really went away; they just got a bit more professional, so (while it is possible that 'AI' is or will enable script kiddies at some point) the difference is much less visible.

The quality of some of the attack toolkits is a lot higher, especially with ransomware there's real money on the table to actually pay for competent work, though the low cost of mounting attacks mean that opportunists using cracked copies of older tools, lightly modified proof of concept releases, etc. are stil

Re: Or do they?

[Big Hairy Gorilla]

Don't call me Lawnmower Man, bro :-)
There are plenty of devious applications for AI. For one thing you don't have to start from scratch. One improvement or innovation is what you're looking for. I'm pretty sure there is enough lazy and devious people with time on their hands who will take advantage of the nice free tools.

Re: AI: Trillion Dollar idea with $1,000 Market

[ConstantineXI]

I see no real use for AI.

Re:

[ihavesaxwithcollies]

It seems like they took what was left of those voice maid things, the Alexa and Siri bs and rebranded it to AI. They then flooded all these news organizations with AI is great propaganda.

Re: AI: Trillion Dollar idea with $1,000 Market

[Tablizer]

It's useful at certain places and times, it just can't sustain the mass subsidizing from so many investors, comparable to the dot-com crash. When the big players start charging the real costs to customers, they'll leave the big players and go bargain hunting with low-margin startups who have products say 80% as good at half the price.

Re:

[ConstantineXI]

I have yet to see a SINGLE justification for AI. Or a practical use case. Can it eliminate mind numbing tasks? Sure. But CAN it do that? That is doubtful.

Re:

[Tony Isaac]

In 2025, the AI market is expected to reach $243 billion. https://techinformed.com/globa... [techinformed.com]. That's not a trillion yet, but the market is a whole lot closer to a trillion, than a thousand.

If *you* don't see a real use for AI, it's because you aren't looking. A whole lot of other people, including me, do. It saves me time and effort daily. I pay for GitHub Copilot and feel I'm getting a good deal for my money. Try it (or any major AI product), you just might find some uses for it yourself!

Re:

[gweihir]

Malware production, scam support, fakes, etc.

In the criminal space, LLMs have a lot of applications, because bad/insecure software matters little. The defense side is very different though.

Re:

[ConstantineXI]

Neither do I.

"No One Agrees How Fast"

[sacrilicious]

Let me guess: the CEOs of AI companies assert it's happening really rapidly, while actual researchers are seeing impacts as slow.

Re:

[John.Banister]

CEOs who don't want to spend money on security infrastructure express agreement with state sponsored hackers: "It's no problem. There's no new threats." Researchers are having arguments among themselves: "was that AI, or just someone unhinged?" "Was that AI, or just someone kind of dim but really thorough?" "was that AI or...?"

Automated malware detection with AI !!!

[Guignol]

- Microsoft shared details about a prototype for a new agent that can automatically detect malware â" although it's able to detect only 24% of malicious files as of now.

I posted the same thing a long time ago, it looks like it's time to say it again:
"Yeah, sure, for instance, let's imagine a malware would be labelled as such if it just wouldn't halt"

Detecting bad processes

[loufoque]

As a human, you can easily detect that a host is "infected" because it's running weirdly named processes that you've never seen that are using lots of resources.

You could easily do that as AI, even without LLMs or any neural network.

What is really shaping

[gabrieltss]

What is really shaping hacking is all the damn new Open Source scanning/attack tools! I swear weekly I see a new one hitting us. Maybe it's DICKHEAD hackers using AI to create the damn things.

I hope they all come down with AIDS, herpes, Syphilis, Gonorrhea, and every other know STD all at once and suffer like nobody's business!