Decoding the black in BlackMamba; How does the world of malware look
时间:2024-06-26 17:25:12 阅读(143)
With advancements in artificial intelligence (AI), experts believe that there has been a rise in AI-driven malware. From what it’s understood, fraudsters can use machine learning techniques such as Generative AI to create malware. By using generative AI, user’s data could be misused and synthesised for fraudulent activities. Reportedly, hackers use predictive AI to predict the defence mechanism of the target. In alignment with this, experts have predicted a new malware ‘BlackMamba’ which uses AI-powered techniques to stay hidden from endpoint detection and response (EDR) security solutions. “ In 2024, the future can combine the ongoing success of many current attack tactics, such as identity compromise, with an emerging landscape dominated by AI-powered cyberattacks,” Parag Khurana, country manager, Barracuda Networks (India) Pvt Ltd, a cloud-based cybersecurity platform, told FE-TransformX, adding that global shortage of cybersecurity professionals means organisations need to look to integrated-end-to-end security solutions, third-party security operations centers and ongoing employee security awareness training, to fortify their defences.Sign Up to get access to the Financial Express Exclusive and Premium Stories.Register NowAlready have a account? Sign in
Decoding BlackMamba
In 2023, about 400 million malware was found across 8.5 million endpoints, as per insights from Seqrite,a cybersecurity solutions provider. In March 2023, over eight percent of responding employees had used ChatGPT at least once in the workplace, and around three percent had entered confidential corporate data into ChatGPT. The most commonly exposed type of corporate data was the sensitive data intended for internal use only, as per insights from Statista. Reportedly, illegal activists had been selling chatbot services such as DarkBART, FraudGPT and WormGPT, among others, as per insights from Seqrite, a cybersecurity solutions provider.
The dark side of generative AI
AI-powered attacks can become common as threat actors create polymorphic malware such as BlackMamba, using ChatGPT and other data-intelligence systems based on large language models (LLM), as per insights from HYAS Labs researchers. “AI also poses challenges and risks for the cybersecurity landscape as it can be used by malicious actors to launch attacks, evade detection and exploit vulnerabilities, among others. One of the main challenges that AI poses is that it can increase the scale, speed and complexity of cyberattacks” Sanjay Agrawal, chief product officer, Quick Heal Technologies Ltd, a cybersecurity platform, explained.
Industry experts believe that the rise of AI-driven attacks, ranging from deepfakes to intricate phishing techniques, poses a challenge to digital security and public trust alike. Threat actors employ BlackMamba to evade detection, intensifying the complexity of the cybersecurity landscape. Every time BlackMamba executes, it re-synthesises its keylogging capability, making the malicious component of this malware polymorphic. “Amidst these challenges, AI has the ability to equip cybersecurity professionals with the tools to fortify digital environments, fostering a proactive stance against emerging threats. Its ability to discern patterns, mitigate risks, and enable real-time responses can reshape the cybersecurity paradigm,” Shibu Paul, vice president, international sales, Array Networks, a security platform, highlighted.
The road ahead
By 2027, 50% of enterprise chief information security officers (CISOs) can adopt human-centric security design practices to reduce cybersecurity-induced friction and upgrade control adoption, as per insights from Gartner. “The integration of decentralised identity systems, AI-driven deception techniques and focus on cyber-resilience postures can set new paradigms. The complexities of the digital realm underscore the need for robust cybersecurity measures. Quantum-resistant algorithms, the convergence of Internet of Things (IoT) vulnerabilities and the role of human-centric security strategies can emerge as the key areas in 2024,” Ajay Kabra, senior director, global business excellence, Xebia, a cloud solution provider, said.
Experts believe that this transformation shouldn’t overshadow the need for human expertise. The collaboration of AI-backed defences with human talent can be the strategy for fortifying cyber fortresses. “The trajectory of 2024 in cybersecurity will use the dual approach of inclusion of AI-powered defences and investment in human skills, along with the guidance of C-suite executives. This convergence can form the bedrock for resilience in an age that is dominated by relentless cyber challenges,” Vishal Gupta, CEO, Seclore, a data-centric security platform, concluded.
Follow us on Twitter, Facebook, LinkedIn
猜你喜欢
- Nifty chart formation suggests bulls might be returning to D-Street, buy these two stocks for gains
- Bank Nifty continues to outperform Nifty 50; Bank Nifty targeting 44,900, Nifty to retest lifetime high of 18,887
- US Stocks- Wall Street rises on Microsoft, Alphabet earnings as Fed decision looms
- Bajaj Finance Rating- hold; Potential to capitalise on credit card opportunity
- US Stocks- Futures fall sharply as jobs data fuels rate hike worries
- upGrad records more than 65,000 graduates in CY2023; enrollments continue to increase
- Auto stock to buy- Jamna Auto finds strong backing on charts, analysts see up to 15% rally in 3 months
- NASA launches Peregrine 1 Moon Lander, first in 50 years! Human remains on board
- BankBazaar