AI chatbots are all the rage! Many people are experimenting with new and exciting ways to leverage them to accomplish routine tasks and there is a lot of concern that they may eventually automate away a lot of entry level jobs. Of course this is always the fear when there is a step forward in automation going all the way back to the industrial revolution. Prior to mechanization the vast majority of the population was doing manual labor in the agriculture industry, and I don’t think anyone is arguing we need more people doing that type of work. Historically increased automation has increased the standard of living for everyone so I think good things are ahead, but I digress…
Back to the issue at hand, an interesting article was recently published that details leveraging ChatGPT to create a phishing campaign complete with emails and a website. The end result was pretty slick and polished, without the typical grammar and spelling errors that give away phishing attempts. This is pretty scary since phishing has typically been pretty effective at exploiting the weakest link in the security chain, the end users themselves. It’s so effective that I have read some organizations forbid it from being used on their penetration tests.
There are some very interesting implications for how AI will continue to change the security landscape in the near future, both for the people securing networks, data, and systems, as well as for those that are trying to compromise them.
Full article here!