A new attack vector is created by enterprise AI tools, say 93% of hackers.
Bugcrowd’s Inside the Mind of a Hacker 2024 report provides insights from a survey of 1,300 ethical hackers from 85 countries, such as the United States, India, Australia, and more. The report highlights that 82% of respondents believe the AI threat landscape is evolving too rapidly to ensure adequate security. Additionally, 93% of hackers think that AI tools used by organizations have created new opportunities for malicious actors to exploit.
According to Patrick Harr, CEO at SlashNext Email Security+, AI has revolutionized hacking by enabling attacks on a large scale at minimal cost. As AI continues to play a significant role in cyber attacks like BEC, phishing, and social engineering, it is expected to become more prevalent in other areas such as Malware and Large Language Model (LLM) poisoning and model injection.
How AI is transforming hacking
In 2024, 71% of hackers believe that AI has increased the value of hacking, with 86% stating that it has fundamentally changed their hacking approach.
Jason Soroko, Senior Fellow at Sectigo, emphasizes the importance of combining AI tools with human expertise in cybersecurity. Despite AI enhancing both offensive and defensive strategies, human insight remains crucial as AI does not outperform humans in areas like creativity and complexity. The intersection of AI and hardware presents new challenges, underscoring the essential role of ethical hackers in combating evolving threats.
Ethics in the hacking community
John Bambenek, President at Bambenek Consulting, notes that 87% of hackers believe reporting critical vulnerabilities is more important than exploiting them for financial gain. This demonstrates a strong sense of ethics within the hacking community, emphasizing the importance of safeguarding society from potential threats.
The impact of AI on cybersecurity
Piyush Pandey, CEO at Pathlock, highlights the positive impact of AI on cybersecurity beyond task automation. AI enables intelligent response automation, behavioral analysis, vulnerability prioritization, and more. As AI automates tasks in cybersecurity, cybersecurity professionals will need to evolve and provide practical insights to guide AI’s deployment effectively.
AI and ML will play a crucial role in automating compliance processes, predicting risks, and reducing manual efforts and errors. By leveraging AI for continuous monitoring and risk assessment, organizations can enhance their cybersecurity posture and reduce potential financial losses.
