Hackers Increasingly Turn to AI to Super Boost Phishing Scams
A new report has predicted that phishing will become more complex and harder to detect in 2019 with the help of AI.
According to a new report by cyber security giant Trend Micro, Mapping the Future: Dealing With Pervasive and Persistent Threats, 2019 will see a “marked” increase in the sophistication and number of Phishing attacks.
The report says that this rise is a knock-on-affect of the decreasing popularity of Exploit Kit attacks. With a wider range of software and operating systems (OS) on the market, hackers are having to adapt by reverting to exploiting a more universal OS – human vulnerability. The report states that in recent years there has been an increase in the number of phishing attacks.
Blocked phishing URL volumes have shot up from 8.1 million in 2015 to 210 million in 2018, while exploit kit activity has seen a marked decreased from more than 14.4 million in 2015 to just 261,000 today.
Trend Micro predicts that cyber criminals will seek to make phishing attacks even harder to detect using Artificial Intelligence (AI) to monitor executives’ online behaviour, and AI-enabled chatbots to lure users into clicking malicious links. Additionally, the report forecasts a rise in SIM-swap-fraud, a form of social engineering.
Tried and Tested Methods Will Remain a Major Threat
Despite new tools on offer, the report claims that exploitation of known vulnerabilities will continue in popularity. The report says that the most accessible opportunity for cyber criminals is the window of exposure that opens between the release of a patch and when it is implemented on a company’s system.
Often these patches have been available for weeks or even months but have not been applied yet – in many instances it takes the discovery of an attack before proper action is taken. Many of these will be found in OT systems like SCADA human machine interfaces, as well as new systems like Kubernetes and other cloud software.
According to the report, as vendors and white hat hackers progressively use AI and machine learning for cyber security, hackers will begin to use more malicious tactics to blend in. It predicts there will be a rise in the number of hackers finding new ways to repurpose normal computing objects for functions other than their intended use or design — a practice known as ‘living off the land’.
Trend Micro principal security architect, Bharat Mistry, said: “In 2019, as cyber-criminals look to infiltrate sites under the radar, it’s imperative that enterprises implement comprehensive security solutions that are able to spot disguised profiling attempts.”