this post was submitted on 17 Jul 2023
347 points (95.3% liked)
Technology
59710 readers
5603 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Treat CVEs as prompts and introduce target fingerprinting to expose CVEs. Gets you one step closer to script kidding red team ops. Not quite, but it would be fun if it could do the network part too and chain responses back into the prompt for further assessment.
We're expecting multiple AI agents to be working concert on different parts of a theoretical attack, and you nailed it with thinking about the networking piece. While a lot of aspects of a cyber attack tend to evolve with time and technical change, the network piece tends to be more "sturdy" than others and because of this it is believed that extremely competent network intrusion capabilities will be developed and deployed by a specialized AI.
I think we'll be seeing the development of AI's that specialize in malware payloads, working with one's that have social engineering capabilities and ones with network penetration specializations, etc...all operating at a much greater competency than their human counterparts (or just in much greater numbers than humans with similar capabilities) soon.
I'm not really even sure what will be effective in countering them either? AI-powered defense I guess but still feel like that favors the attacker in the end.