The Future of Cybersecurity: Insights from a Friendly Hacker's Perspective with Keren Elazari
Keren Elazari, a "friendly hacker" shared insights into how the cybersecurity landscape has changed in recent years—and what to do about it.In our recent webinar with Keren Elazari, a cybersecurity expert often referred to as a "friendly hacker," we explored the future of cybersecurity from a hacker's perspective. The conversation delved into the rapidly evolving landscape of cyber threats, focusing on how malicious actors are using new technologies to innovate, scale, and profit from their activities. Here are some of the key takeaways.
Malicious Innovation: How Hackers Are Exploiting New Technologies
Cybercriminals are continuously adapting, leveraging cutting-edge technologies to enhance their attack strategies. A prime example of this innovation is the rise of ransomware. According to NBC, ransomware alone has generated more than $1 billion in profits for hackers globally. One particular variant, LockBit, has emerged as a sophisticated "Ransomware as a Service" (RaaS) model. LockBit operates like a legitimate cloud-based business, with a global reach and a scalable distribution model targeting organizations in the US and Europe.
LockBit’s innovation doesn't stop there. It offers a creative affiliate program and a "double extortion" threat, where victims not only risk losing access to their data but also face the threat of their data being exposed publicly. This ransomware group is also highly agile, employing multiple attack vectors, rapidly evolving its product, and deploying attacks quickly and broadly. Their methods have even included recruiting from their victims, using the ransom notes themselves as advertising.
An example of their technical ingenuity is the use of intermittent encryption—a technique where only parts of a file are encrypted, making the breach harder to detect. Recent high-profile cases, like the attack on MGM and Caesars, demonstrated the creative tactics of cybercriminals, combining vishing (voice phishing) by Russian hackers and Gen Z cybercriminals based in the US.
Classic Attack Vectors Enhanced by AI
While innovation has driven the evolution of ransomware and other direct attack methods, cybercriminals are still relying on classic attack vectors like phishing, credential theft, and direct exploits against remote connectivity tools (VPNs, firewalls, routers, etc.). However, these traditional methods are now supercharged by artificial intelligence (AI).
Here’s a quick look at how AI has made life much easier for cybercriminals:
AI-enhanced phishing: AI can translate phishing emails into multiple languages quickly, localizing the content to make it more convincing. The result is phishing attempts that are 10 times faster and harder to detect.
AI-assisted credential theft: AI enables more effective credential theft through methods like credential harvesting, stuffing, and password cracking, allowing cybercriminals to breach accounts at a scale and speed previously unachievable.
AI-driven direct exploits: AI can identify vulnerabilities in software, scanning vast networks for potential exploits—there are AI programs that will write malware themselves—accelerating the pace and precision of attacks.
Additionally, a new trend has emerged: Phishing as a Service (PhaaS). This model allows attackers to buy or lease phishing tools, templates, and even entire operations, making it easier for less technically skilled individuals to conduct sophisticated phishing campaigns.
The Rise of Deepfake Technology and Synthetic Identity Marketplaces
Elazari also highlighted the growing use of deepfake technology in cybercrime. Many of us remember the deepfake scam in Hong Kong, where a finance worker joined a Zoom call with who he believed was the chief financial officer and other members of staff, but all of whom turned out to be deepfake re-creations. The fraudster had downloaded videos of these company members and trained an AI program on them, allowing them to appear real during the Zoom call. Such tactics show that AI is not only aiding traditional attack vectors but also creating entirely new methods of deception.
Moreover, synthetic identities created using AI are becoming a hot commodity in cybercriminal marketplaces. These identities, generated by combining real and fake information, can be used for a range of fraudulent activities, from financial scams to bypassing security checks.
Preparing for the Future of Cybersecurity
As the landscape of cyber threats continues to evolve, understanding the mindset and strategies of attackers is crucial for defending against them. Keren emphasized that organizations must not only be aware of the latest technological advancements used by cybercriminals but also adapt their defenses to meet these challenges. This includes leveraging AI for defensive purposes, improving cyber hygiene, and investing in continuous education and awareness.
Watch the full webinar here.