Artificial Intelligence has equipped us with the power to automate functions, glean insights from massive data piles, and create media content that closely mimics reality.
Nonetheless, these positive instruments can also be utilized for nefarious objectives.
Specifically, digital antagonists can employ AI to boost their offenses and broaden their
illicit efforts.
While the topic of offensive AI has been discussed before [1], there exists a requirement
to scrutinize and comprehend the risk in an organizational context and operationalize it
further as a risk. For instance, what's the effect of an AI-empowered enemy on the cyber
kill chain? Does AI give the offender more advantage than the protector? Which are the
most critical AI threats that organizations confront today, and what would be their implications for the future? In this research, we delve into the threat posed by offensive AI to enterprises and generally the modern digital society. Initially, we lay down the context and discuss how AI
alters the adversaries’ and malicious actors’ tactics, tactical plans, objectives, and the
overall assault paradigm and why not strategic plans. We review the current state of AI
enabled defensive and offensive cyber operations, the tools that have been developed
and finally we make a review of existing literature, and try to map offensive AI tools to
existing frameworks that describe the tactics, techniques and procedures (TTPs) of adversaries, in specific the MITRE ATT&CK framework.
Finally, we propose a novel framework for categorizing AI enabled cyber offensive operations with relation to targets and TTPs used.
Collections
Show Collections