Hooded figure in front of waterfall text.

Your New Year’s Resolution Should Be Cybersecurity: AI/ML

Hooded figure in front of waterfall text.

As we come to the end of the year, it is a time to reflect on what has happened in 2023 as we look forward to what’s to come in 2024. Personally, I have graduated from college with a master’s degree and am now pursuing a career in the cybersecurity industry. With that in mind, I am also reflecting on what has happened in cybersecurity over the past year, and it is safe to say that what I have seen has been rather concerning, yet I remain hopeful as we move into the next year. However, that is dependent on how other people view the past year in cybersecurity and how lessons learned are brought forth into the next year.

In any event, to recap some of what has been seen in the past year, I will be posting some thoughts on the matter through the beginning of January to get some content going here.

AI and Machine Learning

This recap of sorts would be remiss if it didn’t include artificial intelligence and machine learning as one of the first few things that was noted. Of course, ChatGPT and OpenAI made the rounds a few different times, with product improvements and ousting of leadership. Of course, these tools do pose some risks, such as enhancing phishing techniques, but I would posit that they are not quite all there yet insofar as cybersecurity is concerned.

What I might argue is a bigger concern lies with deepfake technology. In June, we saw the FBI publish a warning about using individuals’ social media photos to generate “nude images,” which could, in turn, be used to blackmail you. This is just the latest extension of deepfake technology, and the concern does not stop at fake nudes. Deepfake tech could be one of the biggest threats to democracy we face in the coming years (besides a few other more obvious social issues), tricking people into believing information that is not real or true. Thus, this has become a concern for the Department of Defense (DoD), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA), among other organizations. It is becoming increasingly easy for our adversaries to generate content that looks and sounds like the real McCoy such that it is hard to discern from the real deal.

Of course, one might argue that disseminating this content might be hard, but that is a somewhat dubious claim. With what some consider a general distrust of the government coupled with the divisive nature of politics in the United States, especially going into an election year, we are primed for content online to be taken, shared, and reposted across all platforms. It would take one fake Trump or other political figurehead’s likeness saying something believable or inflammatory to sow further seeds of doubt, which is likely what our adversaries are already trying to do. Then, this can live and “blow up” on platforms with black-box algorithms that push the content to people who fall into the rabbit hole.

To give a quick glimpse into this, check out the embedded post above from @md_mike_douglas who went through a Trump-supporting X account’s photos. They found what appears to be AI-generated media meant to entice Trump supporters and bolster support. Of course, this is an incredibly minor example of what is happening and is just a fraction of the full scope of the situation, but it is somewhat of a litmus test, if you will, nonetheless.

Ultimately, we live in a scary world where people are not gaining the adequate skills to discern fact from fiction in text, video, photo, or audio content online. This is largely a problem with ties to politics and informed voting but can be extended into other areas, such as phishing attacks, blackmail, and rights violations. That will be left as a thought exercise to the reader, but one can be certain that we are living in turbulent times that require a discerning eye to determine what is real and what isn’t anymore.

Editor’s Note: Yes, I am going to use the “hooded hacker” image and will lean into the title, both are good memes.

Leave a Reply

Your email address will not be published. Required fields are marked *