Skip to content

Can AI hurt you? Can AI protect you?

3 ways AI cybersecurity protects you

Barrett Dilger

AI Security

Is AI going to get you? No, I don’t mean the fear of AI taking over and putting you out of a job (maybe something to be concerned with in the future) or the fear of it trying to kill humanity (maybe you need professional help).

Can AI cause you harm? Yes.

AI is a tool. And like any tool, it can be used to cause harm. Just like I’m not afraid of a hammer, but I might be if it were in the hands of somebody trying to kill me. AI can be used to harm you.

But if AI is a tool, then can it be used to protect you as well? Yes.

That same hammer can build a wall to keep the bad guy out.

AI as a threat

In today’s world, people are using AI to make their lives easier. Each task that AI can do for you, or help you do, means more time and energy to focus on other things. IT helps streamline work and make you more productive. Many people use it in their daily lives.

Some of those people are criminals though. They use AI to make their cyberattacks better, faster, adaptable, and automated. Simple example: You’ve probably receive many phishing emails where you can easily spot the attack by their poor grammar and misspellings. Clearly English isn’t their first language and it shows. But what if they threw that email into Grammarly to get it all corrected? One step further, what if they asked ChatGPT to just write it all for them? Now would you recognize the attack? That’s what’s happening and it’s only the tip of the iceberg.

This isn’t really a surprise though. Back at the end of last year it was one of the topics I mentioned would grow as a threat this year. Attacks utilizing AI can increase the effectiveness and success of attacks. Basically, it increases speed, scales it larger, and gives it more coverage. You know, all those things you want in a tool to increase productivity.

Modern threats are light years beyond what they were just a few years ago, and are escalating quickly.

AI as a protector

It’s not all bad news though. Because AI has been incorporated into security tools as well, playing a vital role in the modern, enhanced security landscape.

You might be wondering, what do AI security tools look like? What do they do?

There are lots of things at play, but one of the major processes is based on machine learning and looking for anomalies. For context, every individual has a unique digital profile concerning their work habits, locations, and schedules. If an IT event deviates from this established pattern, it raises a red flag. Even when these attacks are subtle and require expert analysis by a SOC (Security Operations Center) analyst to confirm malicious intent, the AI-based detection ensures swift action.

The most frequently detected high-risk attacks caught by AI security tools include:

Impossible Travel Login Events

These occur when a user attempts to log into a cloud account from two geographically distant locations in rapid succession. This raises suspicion as the physical distance between these locations is impossible to cover in the given time frame. You can’t be two places at once (or very quickly) so the AI catches that and throws up red flags.

Anomaly Detections

These detections identify unusual or unexpected activities within a user’s account, such as rare login times or abnormal file access patterns. Such anomalies can be indicative of various issues, including malware infections, phishing attacks, or insider threats.

Communication with Known Malicious Artifacts

These detections identify communication with known malicious IP addresses, domains, or files, indicating potential malware infections or phishing attempts. Immediate quarantine and investigation are necessary when such communication is detected.

Moving Forward

To counter evolving cyber threats, businesses should implement layers of security. The lowest of which would be implementing password managers that create unique, long, randomly generated passwords for every person for every account. Multi-Factor Authentication is a must for every account as well. If you require any kind of compliance, it’s a legal requirement as well. You might want to consider implementing a Zero Trust approach as well. Also be sure to have disaster recovery plan in place to ensure your business keeps running in the event of a catastrophic incident.

I’ll be real, nobody likes cybersecurity training. There are ways to make it fun and…less “training”, but nobody likes it. But it works. Continual training has shown to have a major impact in recognizing cyber attacks, specifically phishing attacks, and therefore not falling for them.

If this all seems overwhelming, that’s okay. We’ve got a variety of cybersecurity services built around securing and protecting businesses just like yours. 24×7 security monitoring, detection, and response will ensure your data is safe.