Cybersecurity Reset: A.I. Both Heightens Risks and Empowers Risk Response
Solid cybersecurity is a prerequisite for business today, when security incidents can result in financial and reputational losses, sizeable fines and even class-action lawsuits involving millions of dollars in compensation. In 2011, a foreign telecommunication company had paid $350 million to settle class action lawsuit over massive data breach. At the same time, technology advances are reshaping the threat landscape and enabling more sophisticated cyberattacks while also offering new security solutions.
Security threats posed by generative A.I.
The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) has identified artificial intelligence (A.I.) as a rising security risk, warning that it can be used to generate malware or create fake messages[1].
Positive applications of generative A.I. tools such as ChatGPT are not uncommon. For example, a driver in the U.K. has used ChatGPT to draft an appeal letter to challenge the parking fine. On the dark side, cyber adversaries are already leveraging the writing ability to develop more effective phishing emails[2]. In the past, such messages often contained obvious spelling or grammatical errors that raised questions about their authenticity. With the help of generative A.I., criminals can eliminate these mistakes and launch phishing campaigns more quickly. A.I. can also be used to generate disinformation for identity theft or blackmail.
The potential of generative A.I. for malware development should not be underestimated either. Early this year, cybersecurity researchers[3] had uncovered several examples of criminals using ChatGPT for fraudulent activity, including generating malicious Python code that can search for and steal common file types. Although the technology cannot yet develop sophisticated malware, it is already helping criminals with limited skills to carry out malicious acts and it will be only a matter of time before more skilled hackers use A.I. to enhance their activities.
A.I.-driven cybersecurity solutions
Against this backdrop, organizational vigilance and conventional risk mitigation measures are no longer enough. For example, an adversary can use unexposed zero-day vulnerabilities to initiate an intrusion that is difficult to detect by traditional signature-based security tools. They can then access the system continuously until the vulnerability is discovered, stealing data gradually to prevent detection.
A.I.-driven technologies play an important role in countering these threats. Network Detection and Response (NDR) solutions are a case in point. Integrated with A.I., NDR utilizes machine learning, data modelling and rule-based detection to analyze network traffic and identify abnormalities. With A.I.-powered automated incident response, organizations can respond more quickly and effectively to the daily onslaught of security alerts and alleviate the pressure on security teams in the midst of a talent shortage by reducing the burden of repetitive and menial tasks.
Information security management
Despite all of this, it is crucial to remember that emerging technology is not a “magic bullet” for cybersecurity. Negligence continues to trigger many security incidents, with passwords being an area of particular vulnerability. Research confirms that “123456” remains one of the most commonly used passwords. Some people still keep their passwords on a sticky note on their desk or share them with others, increasing the risk of unauthorized persons gaining access to confidential information.
Good information security management continues to be the backbone of cybersecurity defense. The best-known standard for information security management systems is the ISO/IEC 27000 established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It guides organizations of all types and sizes in establishing, implementing, maintaining and continually improving systems to manage cybersecurity risks.
ISO/IEC 27000 covers policies and procedures for personnel, processes and technologies so as to ensure the confidentiality, availability and integrity of information assets. The latest version, ISO/IEC 27001, was introduced in 2022. Organizations achieving ISO/IEC 27001 certification have systems in place to protect and securely exchange sensitive information, reducing the risk of incidents, enhancing customer confidence and facilitating compliance.
FUJIFILM Business Innovation Hong Kong guards enterprise networks
Security issues will remain at the forefront as the digital economy grows and governments impose stricter rules around privacy and data protection. Organizations across all industries need to work harder to comply with the requirements and thrive in the digital age.
FUJIFILM Business Innovation Hong Kong’s Managed Security Service uses A.I. to analyze traffic data and identify potential security events, providing real-time threat alerts and effective mitigation via its Service Operation Centre.
As an ISO/IEC 27001-certified enterprise, FUJIFILM Business Innovation Hong Kong provides qualified cybersecurity experts to assist enterprises in implementing digital security strategies that strengthen external and internal system defenses even as the threat landscape changes and becomes more challenging.
[1] Hong Kong Cyber Security Incidents on the Rise HKCERT Urges the Community to Raise Information Security Awareness
[2] ChatGPT: Motorist uses AI chatbot to challenge Gatwick Airport fine - BBC News
[3] OPWNAI : Cybercriminals Starting to Use ChatGPT - Check Point Research