Unsurprisingly, cybercriminals are using generative AI like ChatGPT and Bing to refine their phishing attacks on you

Windows Central | Kevin Okemwa
A robot looking like a hacker using a computer (Image credit: Future)

What you need to know

  • A new study from Microsoft shows that hackers are warming up to AI and using the technology to deploy their attacks. 
  • General data exfiltration attacks doubled between November 2022 and June 2023.
  • Human-operated attacks have also skyrocketed by 200% between September 2022 and June 2023. 
  • Government agencies are also picking up AI and will use the tech to combat the sophisticated attacks deployed by hackers on their systems.

The emergence of AI has redefined how people go about their day-to-day lives in the past few months. And while most of these advances have enhanced and improved how people do things, the technology is also on hackers' radar. 

According to a new report by Microsoft, hackers are now leveraging sophisticated AI-powered techniques to make their attacks more lethal and undetectable. The company further detailed that hackers use existing generative AI tools and emerging chatbots to deploy these attacks on unsuspecting users.  

"Cybercriminals and nation states are using AI to refine the language they use in phishing attacks or the imagery in influence operations," Microsoft's CVP for Customer Security and Trust, Tom Burt, stated

The report further details the hackers' transition from encrypting data from hacked networks to encrypting the data remotely, citing that up to 60% of the human-operated attacks detected by Microsoft in the past year used this approach. This approach makes it difficult for companies to mitigate the issue, as it covers the hacker's footprints, leaving a cold trail. 

A huge spike in attacks

Per the report, general data exfiltration attacks are at an all-time high, having doubled between November 2022 and June 2023. For those not conversant with this bid, it's essentially a ploy used by hackers to steal private information and data, which is then used as bait to demand ransom from those affected. 

The tech giant also reported a 200% spike in human-operated attacks between September 2022 and June, citing that they are customized to adapt to specific environments, unlike automated ploys. There's also an increase in hackers stealing information from organizations and using that information to extort money, with threats of releasing or even selling it to the public if they don't comply. 

In return, organizations are also picking up AI technology and using it to come up with fire-proof tools that can be used to combat these sophisticated campaigns and ploys deployed by attackers, according to a spot by WSJ.

Chief executive of AI cybersecurity provider Deep Instinct, Lane Bess, indicated that it is harder to mitigate AI-powered attacks leveraged by hackers while speaking at the WSJ CIO Network Summit. 

Just the beginning?

It is evident that hackers are getting more creative and are now incorporating AI technology to come up with sophisticated and complex techniques to deploy their attacks. This is raising concern among organizations and even the government. Consequently, there are plans underway to develop AI-powered tech that will be used to counter these attacks. 

Do you think government agencies using AI technology to fight phishing attacks will keep attackers at bay? Let us know in the comments.

Kevin Okemwa

Kevin Okemwa is a seasoned tech journalist based in Nairobi, Kenya with lots of experience covering the latest trends and developments in the industry. With a passion for innovation and a keen eye for detail, he has written for leading publications such as OnMSFT, MakeUseOf, and Windows Report, providing insightful analysis and breaking news on everything revolving around the Microsoft ecosystem. While AFK and not busy following the ever-emerging trends in tech, you can find him exploring the world or listening to music.