If there’s a chief defining factor of today’s cybersecurity landscape, it’s change. If there’s a second, it’s volume. In fact, Comcast Business just released its second annual Cybersecurity Threat Report, analyzing the 29 billion cybersecurity events it detected across its base of security customers in 2023, revealing an intensifying global threat landscape.

One of cybersecurity’s biggest agents of change—right now, but even more significantly in years to come—is undeniably artificial intelligence. As AI continues to mature, it will factor into a greater share of the billions of attacks carried out every year, giving attackers new tools to carry them out. But ultimately, fortune favors the defenders. The pace of innovation in AI—and the capital behind it—will spur an AI-enabled cybersecurity transformation in the coming years, fundamentally changing how enterprises defend against cyberattacks.

AI’s transformative role in cybersecurity

AI has created a vast new frontier for attackers. Across vectors, AI—and generative AI in particular—has made it easier to access, create, optimize and automate attacks for even novice would-be hackers.

Deepfakes and phishing

Social engineering continues to be a rampant tactic among threat actors. Phishing is still the most prominent attack vector, and in 2023, Comcast Business detected over 2.6 billion phishing interactions. Generative AI is being used to create phishing messages at scale, eliminating much of the manual work of social engineering, as well as the language and grammar typos that often serve as “tells” for phishing messages. Meanwhile, it’s also made it much easier to create highly
realistic deepfakes, capable of mimicking executives’
voices and appearances, deceiving even the most
vigilant employees.

AI-coded malware

A full 90% of all the phishing attempts Comcast Business blocked in 2023 were designed to lead users to sites known to host malware. Malware, like most software applications, has traditionally required some level of technical proficiency to create. But given the trajectory of generative AI, that’s not likely to be the case forever. Generative AI can be used to decode and then subtly modify existing malware so that it can evade detection tools. In the future, it is conceivable that even rookie programmers could provide enough instructions to generative AI to create novel malware.

AI in DDoS attacks

Comcast Business detected 103,000 DDoS attack attempts in 2023, demonstrating the risks the tactic can pose to the security of enterprise data and systems. Artificial intelligence is leading to a rapid evolution in DDoS, as threat actors use the technology to enhance the scale and effectiveness of attacks, using AI-driven botnets that can adjust dynamically to defensive measures. AI can also be used to coordinate more powerful, distributed attacks by optimizing the use of compromised IoT
devices, making these attacks more challenging to
mitigate.

Malicious democratization

Generative AI—and AI in general—represents a democratization of access and technology for attackers and would-be attackers. It puts powerful tools—and the ability to inflict damage—in the hands of people who would have previously been incapable. That means that the scale and sophistication of AI-enabled attacks is only going to grow, and enterprise IT teams need to be ready.​

What it means for the good guys

AI’s impact on cybersecurity isn’t just a story about growing scale, evolving attack vectors and techniques. While the threat landscape grows more complex, AI is also being harnessed by enterprise IT and security teams as a powerful tool to help thwart attacks, including:

Assisting cybersecurity professionals: Generative AI can help streamline security operations by ingesting security playbooks and manuals and “conversing” with cybersecurity professionals on appropriate actions, or by initiating “conversations” with humans to collect vital information. Large Language Models can automate tasks such as security log ingestion, processing and transformation.