AI-Based Attacks , Artificial Intelligence & Machine Learning , Events
Offline AI Models: The New Frontier in Cyberattacks
Pascal Geenens of Radware on Risks and Benefits of Downloadable AI ModelsThe rise of downloadable, pre-trained AI models has marked a significant shift in cybersecurity landscapes. Unlike traditional neural networks that required extensive computing resources and specialized engineers, these offline models enable widespread adoption and innovation across both defensive and offensive security operations.
See Also: Mitigating Identity Risks, Lateral Movement and Privilege Escalation
The accessibility of offline AI models, combined with techniques such as Retrieval-Augmented Generation, RAG, has created new security challenges. While cloud-based models maintain ethical guardrails, offline versions can be modified for malicious purposes.
"It's always a tech race. It's always a cat and mouse between the good guys and the bad guys. We did not see a lot yet of fully automated attack campaigns," said Pascal Geenens, director of threat intelligence at Radware. "What we did see, however, is like threat actors leveraging ChatGPT, or this underground WormGPT or FraudGPT, to improve their malware or to do phishing campaigns so they can use it to automate spear-phishing campaigns, which used to be difficult to automate."
In this video interview with Information Security Media Group at the GovWare Conference and Exhibition 2024, Geenens also discussed:
- How AI could reduce vulnerability exploitation timelines from days to minutes;
- The growing importance of AI in geopolitical cyberwarfare strategies;
- The evolution of AI-powered business logic attack detection.
At Radware, Geenens helps execute the company's thought leadership on today’s security threat landscape. As part of the Radware security research team, Geenens develops and maintains IoT honeypots and actively researches IoT malware. He has over two decades of experience in many aspects of information technology.