AI-Powered Cyberattacks: A Proactive IT Security Battle Plan
By Jane Smith | SAN FRANCISCO – 2025/05/26 02:34:20
In February 2024, CNN reported a startling incident: “A finance worker at a multinational firm was tricked into paying out $25 million to fraudsters using deepfake technology to pose as the company’s chief financial officer in a video conference call.”
A similar incident occurred in Europe, where a deepfake impersonated a board member, allegedly approving a fraudulent transfer of funds, resulting in a multi-million dollar loss for the company.
“Banks and financial institutions are especially at risk,” said The Hack Academy. “A study by Deloitte found that over 50% of senior executives expect deepfake scams to target their organizations soon. These attacks can undermine trust and lead to notable financial loss.”
The Hack Academy further noted that AI-driven security threats extend beyond deepfakes, increasingly manifesting as corporate espionage and misinformation campaigns. AI is enhancing traditional attack methods like phishing, social engineering, and malware insertion, making them more potent.
For CIOs, enterprise AI system developers, data scientists, and IT network professionals, AI is reshaping the security landscape, demanding a fundamental shift in how IT approaches defense against malicious actors.
Combating Phishing and Spear Phishing
A combined approach of policy and practical measures is most effective in combating phishing and spear phishing attacks. Since these attacks rely on tricking users into opening malicious email attachments from seemingly trusted sources, user education is paramount. Employees should be trained to report any suspicious or unexpected emails to IT and to never open them.
IT departments should also evaluate their existing security tools. Are they still relying on outdated security monitoring software that lacks modern technologies like observability, which can detect security intrusions or malware at granular levels?
Is the organization still using IAM (identity access management) software for high-level tracking of user identities and activities in the cloud and on-premises, or has it adopted cloud identity entitlements management (CIEM) for a detailed view of user access and activities in the cloud? Ideally, organizations should transition to identity governance management (IGA), which provides an extensive framework for IAM and CIEM, along with detailed audit reports and automated compliance across all platforms.
Fighting Embedded Malware
Malware can remain dormant in systems for extended periods, allowing attackers to activate it at opportune moments. Therefore, IT departments should enhance their security teams with specialized roles like “threat hunters,” who proactively search networks, data, and systems for hidden malware and eliminate it before it can be activated.
Zero-Trust Networks for IoT Security
Internet of Things (IoT) devices often lack robust security measures when introduced into corporate networks. While it’s generally expected that IT will configure these devices with appropriate security settings, this step is often overlooked. Additionally, employees may introduce personal IoT devices without IT’s knowledge.
Zero-trust networks can mitigate these risks by detecting and reporting any additions, subtractions, or modifications to the network, providing IT with visibility into potential security vulnerabilities.
Formalizing IT procedures for IoT devices is crucial, ensuring that no device is deployed without its security settings being configured to meet corporate standards.
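As an added illustration (not from the original article), the sketch below compares an approved device inventory with a fresh network scan to report additions, removals, and modifications, and checks every observed device against a security baseline. The inventory fields, the forbidden-port list, and the sample devices are assumptions constructed for this example.

```python
# Assumed corporate standard: no telnet (23) or FTP (21) on IoT devices.
FORBIDDEN_PORTS = {21, 23}

def diff_inventory(approved, observed):
    """Compare two inventories keyed by MAC address."""
    added = sorted(set(observed) - set(approved))
    removed = sorted(set(approved) - set(observed))
    modified = {}
    for mac in sorted(set(approved) & set(observed)):
        old, new = approved[mac], observed[mac]
        changes = {k: (old.get(k), new.get(k))
                   for k in set(old) | set(new) if old.get(k) != new.get(k)}
        if changes:
            modified[mac] = changes
    return added, removed, modified

def policy_violations(device):
    """List the ways a device misses the assumed baseline."""
    problems = []
    # A missing field counts as a failure: unknown is not compliant.
    if device.get("default_credentials", True):
        problems.append("default credentials")
    bad = FORBIDDEN_PORTS & set(device.get("open_ports", []))
    if bad:
        problems.append(f"forbidden ports {sorted(bad)}")
    return problems

def report(approved, observed):
    added, removed, modified = diff_inventory(approved, observed)
    noncompliant = {mac: v for mac, dev in sorted(observed.items())
                    if (v := policy_violations(dev))}
    return {"added": added, "removed": removed,
            "modified": modified, "noncompliant": noncompliant}

# Constructed sample data (MACs from the IANA documentation range).
APPROVED = {
    "00:00:5e:00:53:01": {"type": "camera", "open_ports": [443],
                          "default_credentials": False},
    "00:00:5e:00:53:02": {"type": "badge-reader", "open_ports": [443],
                          "default_credentials": False},
}
OBSERVED = {
    "00:00:5e:00:53:01": {"type": "camera", "open_ports": [23, 443],
                          "default_credentials": False},
    "00:00:5e:00:53:03": {"type": "smart-tv", "open_ports": [80],
                          "default_credentials": True},
}

if __name__ == "__main__":
    print(report(APPROVED, OBSERVED))
```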
Mitigating AI Data Poisoning
AI models, systems, and data should be continuously monitored for accuracy. Any decline in accuracy or unusual outputs should trigger an immediate examination of the data repository, inflows, and outflows for quality and bias. If contamination is detected, the system should be taken offline, the data sanitized, and the sources of contamination identified and neutralized.
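One way to turn this monitoring loop into a check, shown as an added example that is not from the original article: a one-sided two-proportion z-test flags a significant accuracy drop on a labelled holdout set, and a population stability index (PSI) over label counts flags inflow sources whose data has shifted. The thresholds (z above 2.33, PSI above 0.25, a common rule of thumb), the source names, and all counts are assumptions constructed for illustration.

```python
import math

def accuracy_drop_z(base_correct, base_n, win_correct, win_n):
    """z statistic for 'current window accuracy is below baseline'."""
    p_base, p_win = base_correct / base_n, win_correct / win_n
    pooled = (base_correct + win_correct) / (base_n + win_n)
    se = math.sqrt(pooled * (1 - pooled) * (1 / base_n + 1 / win_n))
    return 0.0 if se == 0 else (p_base - p_win) / se

def psi(reference, batch, eps=1e-6):
    """Population stability index between two label-count dicts."""
    r_total, b_total = sum(reference.values()), sum(batch.values())
    score = 0.0
    for label in set(reference) | set(batch):
        r = max(reference.get(label, 0) / r_total, eps)
        b = max(batch.get(label, 0) / b_total, eps)
        score += (b - r) * math.log(b / r)
    return score

def triage(baseline, window, reference_labels, inflows,
           z_crit=2.33, psi_crit=0.25):
    """Return (action, suspect_sources) following the steps in the text."""
    z = accuracy_drop_z(baseline["correct"], baseline["n"],
                        window["correct"], window["n"])
    suspects = sorted(src for src, counts in inflows.items()
                      if psi(reference_labels, counts) > psi_crit)
    if z > z_crit and suspects:
        return "take_offline", suspects   # decline plus a shifted source
    if z > z_crit or suspects:
        return "examine_data", suspects   # one signal: investigate first
    return "ok", suspects

# Constructed sample data for a binary classifier.
BASELINE = {"correct": 960, "n": 1000}
DEGRADED = {"correct": 880, "n": 1000}
REFERENCE_LABELS = {"benign": 900, "malicious": 100}
INFLOWS = {
    "vendor_feed": {"benign": 890, "malicious": 110},
    "partner_upload": {"benign": 998, "malicious": 2},
}

if __name__ == "__main__":
    print(triage(BASELINE, DEGRADED, REFERENCE_LABELS, INFLOWS))
```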
Leveraging AI for Security
Most modern security tools incorporate AI to detect anomalies, abnormal data patterns, and suspicious user activities. Furthermore, forensics AI can analyze security breaches, pinpointing their causes, origins, and mechanisms. Given the scarcity of in-house forensics experts, IT staff should receive training in forensics skills.
Regular Audits and Vulnerability Testing
IT vulnerability testing should be conducted at least quarterly, with comprehensive security audits performed annually. Organizations using cloud providers should request and review the latest security audit reports from each provider.
Engaging an external auditor can also help organizations prepare for future AI-driven security threats. These auditors possess broad industry knowledge, exposure to diverse company environments, and insights into emerging threats, enabling them to provide valuable guidance for proactive security measures.
Frequently Asked Questions
- What are the primary risks associated with AI-powered cyberattacks?
- The primary risks include deepfake fraud, AI-enhanced phishing campaigns, and malware that adapts to security measures, leading to financial losses and reputational damage.
- How can organizations protect themselves against deepfake attacks?
- Organizations can protect themselves by educating employees about deepfake risks, implementing multi-factor authentication, and using AI-based tools to detect manipulated media.
- What is a zero-trust network, and how does it improve security?
- A zero-trust network is a security framework that requires strict identity verification for every person and device accessing network resources, reducing the risk of unauthorized access and lateral movement by attackers.
- Why is regular vulnerability testing vital?
- Regular vulnerability testing helps identify and address security weaknesses before they can be exploited by attackers, ensuring that systems are protected against known vulnerabilities.
- How can AI be used to enhance cybersecurity?
- AI can be used to detect anomalies, analyze data patterns, automate threat detection, and provide forensic analysis of security breaches, improving the speed and accuracy of security responses.
Summary
AI technology is evolving faster than legal and regulatory frameworks, leaving IT departments largely responsible for developing their own security defenses against AI-powered attacks.
Fortunately, IT professionals have insights into how malicious actors are leveraging AI, and there are tools available to aid in defensive efforts.
The missing element is a proactive and aggressive IT security strategy, which must be implemented promptly.