How AI is reshaping cybersecurity as we know it

If there’s a chief defining factor of today’s cybersecurity landscape, it’s change. If there’s a second, it’s volume. In fact, Comcast Business just released its second annual Cybersecurity Threat Report, analyzing the 29 billion cybersecurity events it detected across its base of security customers in 2023, revealing an intensifying global threat landscape.

One of cybersecurity’s biggest agents of change—right now, but even more significantly in years to come—is undeniably artificial intelligence (AI). As AI continues to mature, it will factor into a greater share of the billions of attacks carried out every year, giving attackers new tools to carry them out. But importantly, it will also fundamentally change how enterprises defend against them.

AI’s transformative role in cybersecurity

AI has created a vast new frontier for attackers. Across vectors, AI—and generative AI in particular—has made it easier to access, create, optimize, and automate attacks for even novice would-be hackers.

Deepfakes and phishing

Phishing is still the most prominent attack vector—and in 2023, Comcast Business detected over 2.6 billion phishing interactions. Generative AI is being used to create phishing messages at scale, eliminating much of the manual work of social engineering, as well as the language and grammar typos that often serve as “tells” for phishing messages. Meanwhile, it’s also made it much easier to create highly realistic deepfakes, capable of mimicking executives’ voices and appearances, deceiving even the most vigilant employees.

AI-coded malware

A full 90% of all the phishing attempts Comcast Business detected in 2023 were created to deliver malware payloads. Malware, like any type of application, has traditionally required some level of technical proficiency to create. But not with generative AI. Although commercially available generative AI tools have guardrails against creating malicious code, open-source tools are quickly growing in sophistication—and can easily be used to spin up complex malware, even for rookie coders.

AI in DDoS attacks

Comcast Business detected 103,000 DDoS attack attempts in 2023, demonstrating the risks the tactic can pose to the security of enterprise data and systems. Artificial intelligence is leading to a rapid evolution in DDoS, as threat actors use the technology to enhance the scale and effectiveness of attacks, using AI-driven botnets that can adjust dynamically to defensive measures. AI can also be used to coordinate more powerful, distributed attacks by optimizing the use of compromised IoT devices, making these attacks more challenging to mitigate.

Malicious democratization

Generative AI—and AI in general—represents a democratization of access and technology for attackers and would-be attackers. It puts powerful tools—and the ability to inflict damage—in the hands of people who would have previously been incapable. That means that the scale and sophistication of AI-enabled attacks is only going to grow, and enterprise IT teams need to be ready.

What it means for the good guys

AI’s impact on cybersecurity isn’t just a story about evolving attack vectors and techniques. While the threat landscape grows more complex, AI is also equipping enterprise IT and security teams with powerful tools to help defend against these challenges, including:

  • Automated threat detection: AI systems will increasingly enable real-time analysis of large datasets, identifying patterns and anomalies that might be missed by human analysts. This capability allows for quicker and accurate threat detection and response.
  • AI in anomaly detection: Machine learning algorithms can identify abnormal network behavior, flagging potential threats before they escalate. Continuous learning capabilities allow it to adapt to new threats, enhancing its effectiveness over time.

The future of cybersecurity will hinge on how effectively organizations integrate AI into their defensive strategies, balancing automation with human oversight.

What are the real-world implications for IT and security leaders?

  • The advantage ultimately favors the enterprise—if leaders adapt: While attackers have gained some advantages through AI, the long-term edge will favor defenders. Strategic use of AI—coupled with human oversight and a deep understanding of evolving threats—can give enterprises the upper hand, enabling them to anticipate attacks and respond faster than ever before.
  • Threats aren’t only growing in scale, they’re growing in complexity: The increasing sophistication of attack techniques, such as AI-powered phishing and multi-stage exploits, demands that security leaders not only adopt advanced technologies but also refine their operational strategies. The days of relying solely on perimeter defenses are over. A more comprehensive, integrated approach—one that puts AI at the center of the conversation—is essential.
  • IT and Ops need to evolve: A true defense-in-depth approach layers multiple security measures across the network, from endpoint detection and response to robust network segmentation and continuous monitoring. This multi-layered strategy means that even if one layer is compromised, additional defenses remain active, making it harder for attackers to progress through the network undetected.
  • Partnering is crucial for comprehensive security: Security is a complex, ongoing challenge that often requires specialized expertise. Managed security service providers can offer technical skills, advanced tools, and comprehensive coverage that allow in-house teams to focus on strategic initiatives while still maintaining robust defenses.

Comcast Business offers an expanded suite of cybersecurity solutions to help guard businesses against fast-changing and malicious attacks. Learn more