- Attackers can build larger, faster campaigns with generative AI
- They are also attacking enterprise AI agent tools
- Humans are still an important weak point
New CrowdStrike research confirms that hackers are exploiting AI to help them deliver more aggressive attacks in less time, and that the technology is also putting more advanced code in the hands of less skilled hackers.
In addition, they are also exploiting the same AI systems that companies use. According to CrowdStrike, hackers are targeting the tools used to build AI agents, allowing them to gain access, steal credentials and deploy malware.
CrowdStrike is more concerned about agentic systems, suggesting that they have now become a “central part of the business attack surface.”
Attackers focus on enterprise AI
The security company says that it observed “multiple” hackers exploiting vulnerabilities in the tools used to build AI agents, which marks an important change from the patterns of the past. Until now, humans have almost always been the main point of entry into a company, but now CrowdStrike is worried that “autonomous workflows and non-human identities [are] the next border of adversary exploitation”.
“We are seeing threat actors use GenAI to scale social engineering, accelerate operations and reduce the entry barrier for keyboard intrusions,” said Adam Meyers, head of counter adversary operations.
FunkLocker and SparkCat are two examples of malware built by GenAI in the real world, while the DPRK-nexus group Famous Chollima has also been observed using generative AI to automate its internal attack program across all phases. Scattered Spider, a group that is believed to consist of nationals from the United Kingdom and the United States, even managed to deploy ransomware within 24 hours of gaining access to systems.
“The adversaries are treating these agents as infrastructure, attacking them in the same way that they go after SaaS platforms, consoles in the cloud and privileged accounts,” Meyers added.
Even so, although technologies such as AI are playing an increasing role in accelerating attacks, CrowdStrike found that four out of five (81%) interactive intrusions were malware-free, relying on human hands on keyboards to remain undetected.