Three ways AI is helping hackers

A brief overview.

One of our primary jobs at Reboot is protecting mid-market businesses from the growing number of digital security threats they face. 

While AI is absolutely a helpful tool for guarding against these threats…

It’s also giving hackers some new strategies in their playbooks.

I want to share three of them with you. So, here we go: 

1) Sophisticated deep fakes 

Earlier this year, a Hong Kong-based finance employee wired $25,000,000 to hackers because…wait for it…they got deep-faked on a made-up video call with their CFO. In front of (what appeared to be) multiple other teammates on the phone. 

While the employee was skeptical of what initially looked like a phishing email (referencing a “secret” transaction)...

The sophisticated video call pushed them over the edge.

2) Better phishing emails 

While the above deep fake likely took hours to pull off…

Text-only bulk phishing emails remain the most common hacking weapon given how easy they are to automate at scale. 

Because ChatGPT can now be used to "Americanize" and "spell check" foreign hackers’ phishing text…

We can only expect these emails to get more and more believable in the coming months. 

(Reminder: Change Healthcare's huge issues this past few weeks started with a standard ransomware attack)

3) Password cracking 

Much like Google 20 years ago revolutionized the "search" ability of anyone with a computer…

Recent AI advancements have made it easier than ever for anyone with Google Chrome to suddenly access the most powerful computing resources the world has ever seen. 

As a result, hackers can use AI tools to quickly test thousands of permutations of passwords…

To dig for social media attributes to incorporate into their password guesses…

And to run your email against dark web databases in mere seconds. 

We need to make sure our passwords aren't "FirstName1" or "FirstNameDogName"...

And change them often. 

Just let me know if you have any questions on these three. I'd be happy to help.