当人们想到人工智能的威胁时,, 机器人末日的景象可能会浮现在脑海中. 虽然这种情况可能不现实, 新技术带来的威胁, 比如人工智能, 是非常真实的.
“生成式人工智能自上世纪60年代就出现了,”他指出 杰森·哈勒尔, 存运营和技术风险总经理. “It’s not new, but now it is much more accessible, has far more capabilities and is easier to use. 任何时候,只要你有大量的人口可以使用一个强大的新工具, security professionals must think about how people may use it for malicious purposes.”
网络安全专家对新技术带来的威胁进行了权衡.
At one end of the spectrum are new AI tools and applications that can help users skip video meetings by logging into the meeting on behalf of the user, 在聊天中回答问题, 并在会议结束后生成会议摘要. At the other end are deepfakes that threat actors could use to create communications impersonating senior people to trick employees.
相关:为什么人工智能是一把双刃剑
“比如说你在公司聚会上发了妻子和孩子的照片,”他说 罗恩格林,万事达卡研究员. “生成式人工智能可以抓取社交媒体并找到它, 然后伪造一封老板发来的邮件说, 很高兴在上周的聚会上见到你和你的孩子们,,并附上一个电话号码, 回答的声音听起来像是老板. 这是经典的社会工程,人工智能让它变得更加强大.”
我们已经看到网络罪犯利用人工智能产生了巨大的影响. 一家跨国公司在香港的雇员 最近欺骗 into transferring the equivalent of US$25 million to fraudsters by AI-generated deepfakes after being invited to a video conference call in which he saw and interacted with what he though was the CFO and other actual colleagues, 据当地警方称.
Only after transferring the money did the clerk learn the “people” he saw on the video call were not real.
“This shows the challenges AI poses for security teams in training employees to be even more vigilant,哈勒尔说。.
也就是说, 所有vns6060威尼斯城官网人工智能的炒作, most of the cyber threats we’ll see in 2024 may well be the same one’s security professionals have managed in the past – but turbocharged by new technology.
“人们在使用同样的老策略, 多亏了更好的技术,他们更有效地利用了它们,格林说。. “人工智能等新技术是威胁倍增器.”
数据窃取者的攻击
Ransomware attacks have grown exponentially in recent years and remain one of cyber security teams’ top concerns. 而在2017年,这一比例仅为2%, ransomware attacks climbed to account for 10% of all breaches in 2021 – and to over 24% in 2023, 根据 Verizon 2023数据泄露调查报告.
“我们最担心的是勒索软件,”他说 托马斯•瓦格纳, Managing Director of Financial 服务 Operations with the Securities Industry and Financial Markets Association (SIFMA).
更糟糕的是, while the data-nappers may have the skills to hack into and freeze access to data, they may not be proficient enough to restore it – at least not in a format that allows you to quickly resume operations.
“Even if you pay the criminals, they often cannot restore the data,” adds Wagner.
不仅勒索软件攻击变得越来越普遍, but they are also becoming more effective; bad actors can now offer the equivalent of software as a service (SaaS).
“我们看到了‘勒索软件即服务’的出现,”他说 巴斯贝利, Senior Vice President and Chief Information Security Officer for Fulton Bank. “This has in turn fueled the commoditization and commercialization of ransomware through a sophisticated business-like operating model. 最值得注意的是,这包括基于云的勒索软件即服务vnsr威尼斯城官网登入.”
This means the cyber criminals don’t need to have the software expertise to write ransomware code themselves, they can just rent the ransomware from someone that does have the expertise. “The Ransomware as a Service model enables a continuous improvement type of software development cycle resulting in ongoing enhancements and improvements,贝利说。. “因此, I believe we can expect ransomware attacks to evolve in sophistication and effectiveness for the foreseeable future.”
Related: Find out where “cyber” ranked in our 2024 Systemic Risk Barometer
聚焦第三方漏洞
另一个挑战是,威胁行为者正在瞄准较软的目标. 而不是打击大型金融机构, they target small players who may not have the level of security the big players have.
“The threat actors know third parties may not have the same security resources,” notes Bailey. 这就是为什么有效的第三方供应商风险管理如此重要.”
SIFMA的Wagner同意勒索软件仍然是一个主要威胁, 而第三方供应商代表了一个特殊的漏洞.
“关键的第三方是我们考虑得最多的,”瓦格纳说. “An attack on one of your important service providers can impact you more than you’d think. 在一个案例中, a financial institution experienced a liquidity concern because a third-party had been hacked and could not settle trades.”
Wagner notes that while in some cases small players may be more vulnerable because they do not have the resources to put in place the same level of security as a large institution, in other cases their efforts were simply not as thorough as they should have been.
“Some of the third parties that have been targeted were just not prepared,” notes Wagner. “一家公司没有足够快地安装补丁, 另一家公司没有充分备份数据, 一些公司没有进行预先识别弱点的演练.”
和, with today’s increasingly complex supply chains and networks of service providers, it may not always be your own third-party vendors who pose a risk: Your third-party vendor’s own suppliers could also put your organization at risk.
“We’re looking at our entire extended supply chain to better understand where risk may come from,存的Harrell补充道. “它超越了第三方. One of the approaches we are taking is to have in-depth conversations with our vendors to understand their security 帖子ures, and to put specific risk management steps into our contractual agreements with them.”
网络弹性信息图的五个技巧
协作是关键
The key to solving many emerging threats in 2024 is collaboration and practice. Working closely with third-party service providers can help them bolster their security to better protect you. 与政府机构合作是另一个力量倍增的因素.
“We’ve all benefited greatly from the intelligence government agencies provide,贝利说。. “But it’s most powerful when industry and government collaborate to share information.”
作为一个产业一起工作, partnering with government agencies and regularly practicing incident management can bolster security by building the muscle memory to respond more quickly and effectively.
“我们需要对市场有相同的看法,”哈雷尔补充道. “这不仅仅是我们自己的反应, it’s how individual responses fit into the industry response to ensure everyone can get back up and running with minimal disruption.”