AI-based Attack, Event, Fraud Management, Cybercrime
ReliaQuest Field CISO Rick Holland discusses how cybercriminals are exploiting AI tools
Matthew J. Schwartz (Euro Infosec) •
June 19, 2024
Cybercriminals, like security professionals, want AI. But in the AI-vs-AI cyberwar, the barriers to entry for bad actors are “getting lower and lower, while the barriers for defenders are getting more complex and difficult,” says Rick Holland, field CISO at ReliaQuest.
reference: NHS ransomware attack: Healthcare infrastructure is critical
Attackers have new advanced tools at their disposal, and cybercrime forums now have entire sections dedicated to AI tools like FraudGPT and ChaosGPT. For as little as €500, malicious actors can purchase large language models, making advanced attacks even more accessible and changing the threat landscape. “Criminals want their own Copilot, just as we have a Copilot for every security technology,” says Holland.
For security teams, sticking to the basics still pays. “Ransomware is probably at the top of everybody’s threat model, or it should be. If you’re not defending against it — if you haven’t patched your VPN, you don’t have multi-factor authentication — then you’re leaving the door wide open. The warning lights are flashing,” he said.
In this video interview with Information Security Media Group at Infosecurity Europe 2024, Holland said:
- The challenges facing cybersecurity defenders due to advances in AI.
- How AI-powered phishing and social engineering tactics are evolving.
- An increase in business email compromise and email account hijacking.
A former practitioner, vendor executive and Forrester industry analyst, Holland now manages ReliaQuest’s global team responsible for the company’s threat intelligence and investigative efforts.