ChatGPT has become wildly popular since it debuted in November 2022, with the AI-driven platform amassing more than 100 million users two months after it was launched.

The natural language processing tool has human-like functions that have taken the world by storm, but it has also raised concerns across various industries. A New York school banned the tool due to concerns that students can use it to cheat, and Google has become so alarmed over its capabilities that it has issued a code red since ChatGPT is a threat to its search business.

All the more serious, the cybersecurity sector has noticed that ChatGPT can heighten security threats. And there is statistics to back the concerns.

According to new research from Blackberry, the AI-powered chatbot poses significant security threats, with increasing evidence showing that threat actors are already testing ChatGPT’s ability to create phishing emails and malicious payloads. Blackberry’s CTO for cybersecurity, Shishir Sigh, said that Blackberry expects hackers to become better at using ChatGPT for nefarious activities in 2023.

Furthermore, 51% of IT security experts from Australia, the UK, and North America participating in the survey believe that a ChatGPT-enabled cyberattack will occur before 2023 ends, and 71% agree that nation-state adversaries are likely exploring how they can use the technology to target other countries. 

The Rising Threat Of The ChatGPT Malware

An enhanced AI program like ChatGPT can become dangerous when used for nefarious reasons. For example, hackers can use ChatGPT to draft malicious code, with numerous dark web underground networks deploying it for scripting malware for use in ransomware attacks.

However, industry giants like Microsoft have forged multi-billion partnerships with OpenAI to develop more AI capabilities, which does little to alleviate the concerns that it will eventually become a serious threat to countries and organizations worldwide. This is due to reasons like:

• ChatGPT is very easy to use: The simplicity of ChatGPT in creating sophisticated malware attracts amateurs and hackers with limited technical capabilities. It will cause a new breed of hackers to emerge, thus increasing cybersecurity threats.
• High accessibility: Free availability of the AI-driven tool is one of its primary selling points. Anyone with an internet connection can use the program anonymously from any location to churn out phishing emails and dangerous malware.
• Automated outputs: ChatGPT is designed to produce output automatically based on user prompts. Therefore, it makes it easier for cybercriminals to develop malware consistently and rapidly, enabling them to create multiple malware variants.

Cybersecurity Researchers Use ChatGPT To Develop Malware.

CyberArk cybersecurity researchers published a blog detailing using ChatGPT to develop polymorphic malware. They used ChatGPT to create polymorphic code, which is code mutated to create varying iterations to bypass signature-based detection software.

While the process was complicated due to the content policy filters that OpenAI has implemented to prevent users from abusing ChatGPT, the researchers used a process they called insisting and demanding during input requests to develop malicious executable code. Although the code is purely malicious and detectable using security software, the researchers note that the danger lies in that ChatGPT is an AI and machine learning tool that learns from its inputs to produce better outputs. It will get better at creating undetectable malware.

In addition, a few weeks after its launch, security researchers from Israeli cybersecurity firm Check Point demonstrated how nefarious actors could use ChatGPT to create convincing phishing emails capable of delivering malicious payloads. Specifically, they revealed how ChatGPT could be used with OpenAI’s code development system, Cordex, to create phishing emails. Sergey Shykevich, group manager at Check Point threat intelligence, said that such use cases demonstrate that ChatGPT can alter the cyber threat landscape significantly, noting that it marks a major step towards the dangerous evolution of effective and increasingly complex AI-enabled cyber threat capabilities.

A Great Learning Platform For Aspiring And Novice Cybercriminals

ChatGPT cannot execute codes or programs, including those it produces. Hence, attackers using it to execute cyberattacks is out of the question. Since cybercriminals can’t get it to run scans or launch attacks, they will use it for the next best thing – to learn how to perform various attacks.

One of the most amazing capabilities of ChatGPT is that it can output easy and clear instructions for software and cybersecurity programs, such as popular network scanning and pen-testing tools like Metasploit and Nmap. In most cases, ChatGPT can advise users on the most effective tools to use and provides understandable instructions on how to use them for malicious cyber activities.

Potentially, this implies that ChatGPT can help individuals with zero technical skills to effectively use various attack tools to engage in a wide range of malicious activities. These include conducting network scans and screening systems for security weaknesses and exploitable vulnerabilities.

The AI-powered chatbot can then assist users with how to exploit security flaws to gain unauthorized access to sensitive data, networks, and systems.

Ominously, these capabilities increase risks for organizations, where begrudged employees or upcoming hackers can leverage ChatGPTs capabilities to exploit vulnerabilities to cause harm.

What Is The Way Forward?

Cybersecurity threats from artificial intelligence are not new since the technology has existed for many years. However, with emerging interactive tools like ChatGPT demonstrating distinct examples of how AI can alter the cyber threat landscape, AI cyber threats are now scarier.

Thus, cybersecurity vendors must become more proactive in implementing behavioral AI components in security systems and software to detect and deter AI-generated attacks.

Dr. Raj Sharma, a lead AI and cybersecurity consultant at the University of Oxford, believe that AI-generated attacks cannot be countered using traditional security controls. “If there is some kind of hacking tool that uses AI, then we have to use AI to understand its behavior,” he says.

As such, artificial intelligence technologies will become critical in developing defensive measures against the evolving cyber landscape where attackers turn to AI-powered platforms to create malware and launch attacks.

Ultimately, the impacts of ChatGPT and other similar platforms on the cybersecurity landscape depend on users’ intentions. The bottom line is that it is crucial to be aware of all potential risks resulting from its use to inform the appropriate mitigation actions to reduce those risks

Most cybersecurity solutions providers develop and sell security products and services bent toward serving large enterprises with established IT departments, specialists, processes, and budgets.

43% of cyberattacks target small and medium enterprises. Unfortunately, SMEs lack security tools and controls that fit the bill since many modern cybersecurity products seem complicated and pricey, especially for resource-constrained SMEs. Unfortunately, hackers are not sparing any target, regardless of size or industry, with their soaring and sophisticated attacks. No business is too small or too large to fall victim to a cyber incident in the cybersecurity world. Increased and successful hacking activities have led to the closure of 60% of small businesses within six months after suffering a cyberattack.

SMEs have resorted to buying and using multiple security products without understanding the solutions’ features, capabilities, and if they are a perfect fit for their security needs. As a result, many organizations operate a disjointed web of ineffective security profiles that further compromises teams’ capabilities and budgets in an organization. It is mind-boggling that only 14% of SMEs rate their promptitude to identify vulnerabilities and wade cyber risks as highly effective.

Economic digitalization keeps opening new growth factors for businesses, with organizations quickly embracing new smarter and connected processes and systems. These trends and the advent of cutting-edge technologies, such as artificial intelligence (AI), machine learning (ML), 5G, and IoT that organizations are adopting keep exposing businesses to a plethora of cyber risks.

Economic digitalization proclivities imply that SME owners must keep learning more and investing in suitable digital security strategies. Before purchasing a cybersecurity solution, company owners need to consider their business models, type of data collected and stored, their customer base, IT infrastructure, and the technologies they need to secure their environment.

Compelling Stories Nurture and Close Leads

At EliteMoran, we believe that compelling stories shared by cybersecurity solutions providers are at the heart of stakeholder engagement. We assist cybersecurity vendors in building content on resonant messaging that speaks to key customer concerns and industry narratives to educate, establish credibility, and elevate topical authority. We derive the right message strategy and a full range of optimized digital and print content

development, thoughtfully crafted by senior-level cybersecurity researchers and writers.

EliteMoran has helped cybersecurity solutions sellers to solidify their standing as some of the world’s leading authorities in the field. With our thought leadership-positioned content, you can as well showcase your esteemed position in cyberspace.

Study findings show that remote work makes staff happier, with 55 percent of commuters indicating increased levels of frustration caused by their commute. Companies that offer flexible working make a job more attractive to 70 percent of candidates. Additionally, organizations that permit remote working strategies increase retention rates by 10 percent. These facts indicate that remote working is not just a fad. Instead, it is here in perpetuity. Simultaneously, the coronavirus pandemic that has disrupted almost all aspects of life globally has resulted in the further rise of remote workers. Companies encourage their employees to operate from home to slow down the spread of the virus.

Fortunately, the current digital solutions enable organizations to evade past apprehension tied to employee productivity and governance issues. Some widely used technologies in remote working include collaboration and video conferencing tools. As a result, businesses can now enjoy benefits, such as increased productivity, a vast talent pool, better work-life balance, cost savings, and enhanced employee well-being. The sizable amount of people working from home has, in turn, opened a wide range of cybersecurity vulnerabilities on corporate networks because of the increased use of untrusted networks and unsanctioned devices to access sensitive information and systems. A conspicuous observation from the trend is that many organizations lack adequate preparations to support this spur-of-the-moment workforce. For example, a recent study by OpenVPN revealed that 90 percent of IT specialists believe that working from home is not secure. Additionally, 70 percent of security professionals think remote employees pose a higher risk than onsite workers. Cyber Risks of Working from Home The figure shows some of the leading cybersecurity concerns that organizations with remote workers face:

Cybersecurity Measures while Working from Home

Employee Responsibilities:

• Endpointdeviceprotection: install antivirus software for your device.
• Patching:Update installed apps and operating systems with the latest update releases from vendors.
• Physicalsecurity: shut down devices after work. Secure mobile phones and laptops from theft. Use strong passwords to protect devices
• Separateworkandpersonaldevices

Company Responsibilities:

UseVPNs: require employees to connect to an organization’s infrastructure through a VPN with proper encryption. Ensure that the VPN vendor provides patches and updates

Userawareness: share training materials and tips to create and maintain cyber hygiene across the organization

Backup: have a contingency plan for sensitive information

Policies: develop and share procedures for handling tasks such as installation and use of software such as Zoom

MDM:apply mobile device management solutions to set a standard configuration for connected devices. MDM enables an organization to lock unsolicited endpoints attempting to connect to the network remotely

Most of the cybersecurity measures recommended for securing work from home involve purchasing cybersecurity solutions, such as antivirus, VPNs, MDM tools, and so on. Besides, organizations now see the need to work with managed security service providers to meet the breakneck cybersecurity demands caused by remote work. However, since most businesses remain offhand with remote working, meeting security needs is daunting. Besides, many of them lack the internal expertise to help put proper security measures in place.

This observation means that SMEs face difficulties selecting the correct cybersecurity solutions and vendors, leading to delays in purchasing relevant security solutions.

Get Started with Elite Moran

EliteMoran develops content to support cybersecurity solutions sellers and buyers while supporting their business goals. Our senior-level cybersecurity researchers and writers create value-based content marketing strategies that map to the buying cycle, seasonal factors, reputation building, critical campaigns, and other factors that directly affect the bottom-line results. In addition, we develop SEO-optimized content to inform and influence potential customers’ purchasing decisions.

The coronavirus pandemic has caused adverse impacts on the cybersecurity industry. From canceled conferences to working from home to disrupted supply chains, the crisis has affected the cybersecurity market, requiring changes in how cybersecurity business and experts sell their solutions and services.

The ongoing COVID19 pandemic has led to reduced cyber security industry sales due to canceled events and the limited physical mobility of cyber security experts.

The current challenges accentuate legacy issues in the cybersecurity sector, such as selling cybersecurity solutions to businesses that treat it as a cost and not an investment, operating in a fiercely competitive cybersecurity industry, failure to understand the CISO’s mindset, and operating in a field with flawed solutions reviewers.

At the same time, the sector is experiencing several opportunities during the pandemic. For instance, businesses are increasingly facing frequent and sophisticated cyberattacks. In addition, security experts are also recording a spectacular rise in coronavirus-themed cyberattacks during the crisis, causing a surge in cybersecurity solutions demands.

Content is King When Selling Cybersecurity

Cybersecurity vendors, however, require disruptive tactics in targeting clients and selling their products. The sellers need content built on resonant messaging that speaks to primary customers’ concerns and industry narratives.

A compelling story is at the heart of stakeholder engagement. Developing credible content for your cybersecurity products educates, establishes credibility, and elevates topical authority.

Does your content strategy drive the right message and a full range of content development, thoughtfully crafted by security and marketing experts and writers with in-depth security sector knowledge and communications expertise?

Elite Moran provides a comprehensive content strategy for cybersecurity solutions providers and experts. Elite Moran is a proactive, engaged, and integrated cybersecurity content development agency that rapidly understands technology solutions and represents the company to clients and analysts. We are an extension of your marketing team. We develop content and thought leadership programs that exceed your expectations.

We welcome the opportunity to learn more about your cybersecurity products and services and discuss the many ways our tried, tested, and trusted content strategy could help you succeed.

Uber Technologies Inc. is still investigating a third-party breach that saw threat actors leak sensitive employee data online. The breach affected 77,000 Uber employees, and the hacker leaked additional information, such as the source code of Uber Eats, a food delivery service, and the company’s mobile device management platform.

Fortunately, the leaked data did not contain any customer information. According to Carissa Simons, Uber’s spokesperson, the new breach is unrelated to the September incident, where an attacker used social engineering to bypass authentication and gain access to the company’s networks. “We believe these files are related to an incident at a third-party vendor and are unrelated to our security incident in September,” Simons noted.

Data breached through a third-party

Uber disclosed that the hacker in the attack stole the data by breaching Teqtivity, a tracking services and asset management firm. In its breach notification statement, Teqtivity confirmed that a malicious actor gained unauthorized access to an AWS backup server that hosted sensitive data, such as company code and user information. In addition, the AWS server stored information like device data, including technical specifications, model, make, and serial number, and customer information, including last and first names, work location information and work email addresses.

Third-party vendors are often considered weak links in organizational cybersecurity. A SecurityScorecard security researcher, Robert Ames, notes that companies provide third parties with almost the same access privileges as employees. Still, due to their less effective cybersecurity measures, they are prime targets for attackers looking to infiltrate larger enterprises. “Vendors and other third parties are often granted the same access as employees but with fewer security measures, making them a weak link and, therefore, a popular target for threat actors. When hackers access a third party’s systems, they can access whatever data that system stores, even if it belongs to other organizations,” Ames posits.

Lessons drawn from the breach

Ideally, companies can’t trust anyone to protect their critical assets, but most organizations rely on third-party vendors for essential daily services and processes. However, as the new Uber breach has shown, third parties can expose protected information to various security risks. Above all, the Uber data breach underscores that companies cannot rely on third-party security measures to secure vital assets and data, requiring enterprises to be more proactive in performing due diligence on the third parties they partner with.

Furthermore, the recent Uber breach comes a few months after Lapsus$ attackers compromised Uber by acquiring login credentials from Uber’s external contractor and leveraging multi-factor authentication bombing to trick a user into accepting an SMS login request to gain unauthorized access to Uber’s internal networks. While the Lapsus$ attack method differs from the latest breach, it illustrates an increasingly popular trend where attackers target third-party vendors in the supply chain to compromise larger organizations. Recent research revealed that 51% of companies had been breached through a third-party provider. Also, a different study showed that most enterprises consider third-party vendors as material risks when a data breach occurs.

As a result, many organizations have implemented measures for mitigating third-party risks. Arctic Wolf’s vice president of strategy, Ian McShane, has warned that the increasing high-profile breaches and the constantly evolving cyber threat landscape require organizations to understand who their vendors are in the supply chain and monitor the environments continuously to reduce security risks. “In recent years, we’ve seen that companies are becoming more at risk of being either the ‘target’ or the ‘transport’ that allows other organizations to be hacked,” McShane explained. Although it is difficult to determine whether attackers in the Uber breach identified Teqtivity as a possible entry point to Uber’s systems, the high volume of leaked data suggests that companies should not overlook third-party cyber risks.

What does the breach mean for uber

The Uber breach could have been worse, but a large amount of breached employee data implies that the company could suffer long-term consequences. These include spear-phishing and targeted social engineering attacks. The attackers have a database of Uber employees containing their email addresses, names, and work location information. Armed with this data, attackers can target the affected employees with carefully crafted spear-phishing and other sophisticated social engineering attacks to trick them into divulging sensitive company or personal data and login credentials.

Erich Kron, a cybersecurity awareness advocate, believes that the highly-targeted social engineering attacks will make them more difficult to detect and protect against. “Personal information on employees and customers can easily be used in creating more relevant and believable social engineering attacks in the future. People whose information may have been accessed or leaked should be made aware of the potential data misuse, and how it may impact them,” Kron noted. Thus, Uber must prioritize security training and awareness programs to address potential follow-up phishing threats, likely to emerge once hackers perceive weaknesses.

How to protect yourself from similar attacks 

Rather than assessing third-party vendors on a case-by-case basis, forward-thinking organizations implement systems, processes, and frameworks to mitigate third-party risks proactively. Developing and maintaining a third-party risk management framework to determine the implemented risk management controls that vendors have implemented. For example, a risk assessment questionnaire can help understand a third party’s data security practices and approaches to managing risks to enhance the cybersecurity posture.

Also, performing due diligence on prospective third-party vendors by performing cybersecurity audits is essential to managing risks to prevent third-party breaches. For instance, Microsoft’s Supplier Privacy and Assurance Standards stipulate the data privacy and security requirements that suppliers must meet to ensure a robust cybersecurity posture. Besides, some compliance requirements require companies to ensure that third-party data protection practices are the same as those implemented in the organization or higher. In other words, the following practices should form the foundation of best third-party risk management practices:

• Identify the third-party vendors providing various services and update an inventory of their access requirements.
• Define the organization’s cyber risk appetite.
• Determine, classify, and categorize inherent risks
• Establish risk assessment standards, questionnaires, and frameworks.
• Create an all-inclusive assessment schedule.
• Define a schedule for assessing the identified third parties.
• Develop an incident management and response plan for dealing with arising third-party issues