Generative artificial intelligence technology will be one of the biggest cyber threats next year as AI-powered tools could lower the entry barrier for inexperienced users to conduct cyberattacks, according to the South Korean government on Monday.
On December 18, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) released a statement on prominent cyber threats targeting the country in 2024. The work was accomplished jointly with the cooperation of ten cybersecurity companies working alongside five South Korea-based firms, which included AhnLab, Genians, IGLOO Corporation, NSHC, and S2W.
The public and private sectors predicted that there will be an increase in possible hacking attempts from “ordinary people,” those who do not have expertise in the field of cybersecurity, by leveraging the latest generative AI technologies. Novice hackers could wield cutting-edge AI technology to create malicious code, detect security flaws, draft convincing phishing emails, and distort audio that could be realistic enough to fool intended victims.
The South Korean government and private-sector experts warned particularly of malicious services being made available on the dark web. Such services, providing hacking techniques created from the abuse of generative AI technologies, are poised to empower nearly any novice to be able to engage in illicit cyber activities.
“We have not yet encountered a cyberattack that has been carried out using AI technology in South Korea. However, there were multiple opinions from the experts that the AI-powered tools could be adopted as actual weapons for attack next year,” explained Lee Chang-yong, a manager with the vulnerability analysis team at KISA to The Readable. “Cyberattacks are mostly conducted by those with expertise. However, generative AI could attract those who do not have background experience to attempt cyberattacks themselves.”
Moreover, the South Korean government and private cybersecurity firms mentioned election interference as a challenge likely to confront the nation next year. In April of 2024, South Korea will elect 300 lawmakers that will represent the citizens for the next four years. The statement explained that there is a high possibility of an increase in the volume of cyberattacks during national events, as their purpose would be to cause mayhem and conflict during this critical time.
In particular, cybercriminals could create fake news with the help of deep fake technologies. They could also spread false or absurd claims on social media channels that the results of elections are being or have been rigged by hacking attacks. The statement also stresses the importance of mitigating the threats targeting the press and search engines, which numerous South Koreans use to access information, and election-related organizations, as the damage could result in a “cyber terror” event that could impact and disrupt the entire country.
