Cybercriminals are using Artificial Intelligence (AI) to amplify their attacks, concluded cybersecurity experts attending the DevCon 2024 event in Bucharest. In the view of Ignat Korchagin, engineering manager (Linux team) at Cloudflare, not granting permissions to applications can turn a system into a more secure one: "Unprivileged Linux username spaces are a rather controversial topic in the security community, in the Linux Kernel community, and in software engineering in general. On the one hand, it allows building unprivileged and sandboxed services and applications that would otherwise require elevated privileges to run successfully and provide functionality to their users. Not granting privileges to such applications makes our systems more secure. On the other hand, this mechanism has been repeatedly used in various vulnerabilities and exploits as a start-up attack vector, multiplying the damage and impact of these exploits. Many Linux distributions and security guides have started to recommend disabling this feature completely. There is an ongoing debate whether unprivileged username spaces provide more security or make the system more vulnerable." David Lilja, senior threat analyst at Truesec, also pointed out that hackers are increasingly turning to AI technology to amplify their cyberattacks. Cyber Solutions Hub founder Andrei Codruţ said: "Hacking Human OS delves into the psychological, cognitive and behavioral factors that expose even the most secure systems to cyberthreats. Human error - often overlooked but highly exploitable - can be hacked through social engineering and cognitive manipulation. Developers building the digital future are not immune to these vulnerabilities. As the pressure to deliver rapidly increases, their decisions can inadvertently introduce weaknesses. However, by rethinking the way developers approach security, from the habits they form to the code they write, we can help them become formidable defenders against modern cyber threats. Recently, cybersecurity professionals have warned about the impact of the use of Generative AI (GenAI) in cybercrime.
A report recently published by Deep Instinct, "AI in Cybersecurity: Friend or Foe?", found that 97% of cybersecurity experts are concerned that their organizations will be affected by the use of AI in cybercrime operations, while 75% admit that the evolution of AI has affected and changed their cybersecurity strategy in the last 12 months. At the same time, Eset experts have calculated that cybercrime could cost companies $10.5 trillion in 2025, an amount that includes the profits made by hackers through various means. Over 2,500 IT professionals and technology enthusiasts from Romania participated in the sixth edition of the DevCon 2024 event in the last two days.