CYBERSECURITYAI-driven Cyberattacks More Sophisticated and Scalable, but There Are Solutions

By Marshall Terrill

Published 30 October 2024

Cyberattacks used to be engineered by crafty hackers looking to infiltrate computer systems. Artificial intelligence now allows hackers to create a new scale of attacks that penetrate banking, critical infrastructure, intellectual property, and even traffic lights and baby monitors.

Cyberattacks used to be engineered by crafty hackers looking to infiltrate computer systems. Artificial intelligence now allows hackers to create a new scale of attacks that penetrate banking, critical infrastructure, intellectual property, and even traffic lights and baby monitors.

With October pegged as Cybersecurity Awareness Month, ASU News turned to Victor Benjamin, assistant professor of information systems in Arizona State University’s W. P. Carey School of Business, who has been researching this phenomenon for years.

He said the next generation of AI is troubling, penetrating and has great potential to create societal chaos.

Here’s what Benjamin had to say about AI’s role in cyberattacks and what we can do to stem the tide:

Question: You’ve recently penned several scholarly articles on AI entering the field of cyberattacks. What does that mean for America?
Answer: AI-driven cyberattacks pose a serious challenge to America’s cybersecurity infrastructure. As AI technologies become more accessible, they allow even those with minimal technical skills to carry out sophisticated attacks on everything from financial systems to critical infrastructure like power grids.

This is not entirely new; low-skill hackers called “script kiddies” have always existed. But AI allows these actors to create even more sophisticated, wide-scale attacks. Integrating AI into cybercrime introduces a scale and efficiency previously unseen, forcing security professionals to strengthen defenses rapidly. The ease with which these tools can be misused raises concerns about national security, requiring both public and private sectors to invest heavily in countermeasures.

In essence, AI democratization, while beneficial for innovation, has also provided bad actors with powerful tools, meaning America must double its efforts in cybersecurity, not just in preventing attacks but in adapting its legal frameworks and policies to tackle AI-related threats. It has been a double-edged sword.

Q: These AI attacks sound more severe than cyberattacks in the past. How does the threat change?
A: The threat posed by AI-driven cyberattacks significantly differs from traditional cyberattacks in terms of sophistication and scalability. AI allows attackers to target a wide variety of systems, each with unique vulnerabilities, all at once. What once required specialized expertise can now be done by novices using AI tools, making it easier for more people to launch attacks. This has led to a broader threat landscape where cyberattacks are not only more frequent but also potentially more dangerous due to their automated nature.