OpinionHow GenAI lowers barriers to hacking for everyone
Opinion
How GenAI lowers barriers to hacking for everyone
"The future of AI in cybersecurity is fascinating and challenging, but it requires responsible action," says Moshe Lipsker, SVP Global Product Development & Israel GM at Imperva. "Through smart regulation, international cooperation, investment in protection, and raising awareness, we can turn challenges into opportunities."
Israel's groundbreaking signature on a global treaty to regulate the use of artificial intelligence marks a turning point in the cyber world. In recent years, the world has become increasingly chaotic, swinging between extreme situations in every field and at every level. We are witnessing the emergence of "black swans"—unpredictable events that alter reality at an exponential rate, without any prior warning.
Amid this reality, technology is undergoing dramatic changes that are reshaping the future. A prominent example is the revolution of Generative Artificial Intelligence (GenAI). Through Large Language Models (LLMs), this revolution is accelerating technological development at a dizzying pace. Although the full impact of this transformation is yet to be fully realized, its effects are already evident.
GenAI tools make hacking accessible to everyone, drastically lowering the barriers to entry. These advanced tools enable amateurs to execute sophisticated attacks that once required deep technical knowledge and extensive experience. Today, anyone with an internet connection and basic knowledge can create malicious scripts, identify system vulnerabilities, and even launch targeted attacks. This is no longer a niche reserved for experts; it is a scenario where anyone can potentially pose a threat.
For example, at Imperva's research lab, we were able to take a new vulnerability and create a highly effective attack campaign around it within minutes using free GenAI tools. What used to take days or weeks can now be accomplished in minutes to hours. This is a striking example of exponential acceleration that is reshaping the landscape and posing unprecedented challenges to the cybersecurity industry.
Another example can be seen in the world of bots, where we are witnessing a rapid increase in the number of simple bots. While in the past, most malicious bots were highly complex, in recent months, we have observed that about 40% of them are very simple. This trend reflects the lowering of the entry barrier into the attack world, driven by advances in GenAI technologies. This trend is gaining momentum at an exponential rate.
The main challenge facing decision-makers is distinguishing between legitimate technological development and the misuse of these tools. The inter-ministerial forum established following the signing of the AI regulation treaty is a first step in this effort, but the road ahead is long. AI is also used for positive purposes, such as information security, network protection, and real-time attack detection. However, the same tools can be used for malicious purposes. The challenge lies in developing regulations that prevent misuse while maintaining innovation and progress in the field.
While the battle in cyberspace has always been a game of cat and mouse, the integration of GenAI raises the challenge to an entirely new level. The ability to generate attacks at the push of a button creates an arena of unpredictable and difficult-to-predict threats. Digital criminals can use AI to simulate human interactions and even create malicious content that appears completely legitimate to users. The GenAI revolution complicates defense, requiring protective systems to evolve rapidly to keep up with new threats.
The international treaty signed by Israel lays the foundation for global cooperation and sets new standards for dealing with these dangers. The regulation not only restricts the misuse of AI but also encourages the development of tools to protect critical systems and strengthen security. However, it is crucial to differentiate between short-term solutions, such as integrating AI into defense products, and the need to protect AI models themselves in the long term to prevent them from becoming tools in the hands of hostile actors.
The treaty signing is just the first step and must be accompanied by awareness and education. The public needs to be aware of the dangers and learn how to protect themselves against GenAI-based cyberattacks. It is essential to provide the public with tools that allow them to detect attacks early and understand that the risks may directly impact everyday life. The inter-ministerial forum can lead educational initiatives, training, and workshops to ensure we are prepared to face new threats.
The future of AI in cybersecurity is fascinating and challenging, but it requires responsible action. Through smart regulation, international cooperation, investment in protection, and raising awareness, we can turn challenges into opportunities and build a future where technology serves humanity in a safe and secure manner. Signing the treaty is a step in the right direction, but the journey is far from over, and we must not stop here.
Moshe Lipsker is SVP Global Product Development & Israel GM at Imperva (acquired by Thales)
