365 days a year: solutions, knowledge and networking.
Find and offer innovative IT security solutions, take part in our diverse action program and make and maintain contacts.
Become part of the it-sa 365 community!
So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.
So that you can make an onsite appointment, the appointment request will open in a new tab.
"The so-called 'reply chain spoofing' in phishing attacks becomes even more convincing with systems like ChatGPT," says AI expert Stefan Strobel. He is managing director of cirosec, a specialist for information and IT security and part of the it-sa365 community of NürnbergMesse. ChatGPT is currently the most discussed AI and it is a divisive issue.
Milestone for some, because the AI can create texts and even programmes in a very short time on simple request, which are hardly distinguishable from human-made ones. Criticism comes from the other side: ChatGPT is often wrong and even spreads fake news. The important security aspect, on the other hand, is hardly discussed publicly. In an interview, Stefan Strobel explains how the new miracle AI for text and programme creation could play into the hands of cybercriminals and how companies should arm themselves against it.
AI systems like ChatGPT simplify the search for information on the internet, for example, and can generate real-sounding texts or even programmes. At the same time, however, the user can no longer rely on the delivered content being correct. Possibly the AI has simply hallucinated it.
AI systems like ChatGPT make it easier for the attacker to automatically create genuine-sounding texts. Thus, AI does not lead to new types of attacks from which one could not protect oneself, but it allows for an even better deception of the victims and at the same time a higher efficiency by automating the attacks. With the Emotet malware, we have already seen how successful the attackers can be when they reply to real mails from the victims. This so-called "reply chain spoofing" is made even more convincing by systems like ChatGPT. OpenAI actually has restrictions built in to prevent ChatGPT from being used to generate phishing emails, but there is also early evidence of cybercriminals circumventing these restrictions.
In practice, the majority of phishing attacks today take place without AI systems. There is evidence that ChatGPT is already being used to generate phishing emails because attacks can be made even more convincing, but in the overall picture AI does not yet play a relevant role among cybercriminals. From an attacker's point of view, it's actually not even necessary, because so far it's still very easy to capture millions even without AI.
Since there is no binding definition of the term AI, many manufacturers, especially in the security industry, market their products very generously with the label AI. In some areas, however, the actual use of AI has been obvious for years, for example in virus protection based on neural networks. With this, malware can be detected more reliably than with classic signatures.
It depends very much on the actual application and the technology used how one should deal with the new dangers. However, it is clear that AI, like any new technology in IT, brings with it both new opportunities and new risks. Before introducing AI-based systems, one should therefore analyse exactly which new threats arise and how one wants to deal with them in each individual case.
Taking the example of AI-based detection solutions, for example, at first glance one has a better detection rate. At the same time, however, there are new possibilities to trick the detection and explicitly provoke false detection.
Author: Reinhold Gebhart
