As part of an AI security team, I’m often asked how threat actors are taking advantage of AI. AI is impacting all areas of technology so the impact to threat actor technics can vary however, the most common impacts I’m seeing are 1) improving social engineering via breaking down language barriers as well as improving research on targets 2) skilling up lower-level hackers IE a novice can generate advanced malware and 3) and more effective spoofing such as fake videos, images, etc.
Checkpoint research posted about a ransomware group that is using AI HERE. These are the key points from this article. You can see more details in the post on the findings.
Key Points
- The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month.
- FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools.
- The group’s activities straddle the line between hacktivism and cybercrime, complicating efforts to understand their true motivations.
- Many of the group’s leaked datasets are recycled from previous hacktivism campaigns, raising doubts about the authenticity of their disclosures.
- Current methods of assessing ransomware group threats often rely on the actors’ own claims, highlighting the need for more objective evaluation techniques.