May 3, 2023

Artificial intelligence (AI) is unlikely to be adopted by cybercriminals in the near future, according to experts.

While many articles have warned that the technology could lead to more sophisticated hacking, the reality is that cybercriminals often lack the time and money to invest in advanced techniques. The potential rewards for malicious AI are currently insufficient to justify the investment required, said John Dwyer, head of research at IBM Security X-Force.

Training AI models also requires significant expertise, which most hackers do not possess. Furthermore, much of the malicious code that is currently being produced using AI is repurposed from previous attacks, said Michael Sikorski, CTO of threat intelligence at Palo Alto Networks.

In contrast, defenders can harness the power of AI to identify, and block known vulnerabilities, allowing less-skilled practitioners to improve their data analysis capabilities. Cybercriminals are continuing to use basic techniques such as phishing and the theft of login credentials, according to reports.

Last year, 37% of security incidents were linked to hackers targeting software vulnerabilities, while 54% of cases involved stolen passwords. It remains unclear whether cybercriminals will eventually invest the time and money to master AI techniques, but experts have called for continued vigilance in the sector.

The sources for this piece include an article in Axios.