Bali, Indonesia, was abuzz late August as our 9th APAC Cybersecurity Weekend (CSW) took center stage there, shedding light on the enigmatic world of AI — from its potential for crafting malware to safeguarding cybersecurity.
The theme, “Deus Ex Machina: Setting Secure Directives for Smart Machines”, promised to illuminate the path toward a secure digital future. Join us as we go through the highlights of the event, revealing strategies and solutions for combatting the rising tide of cyberthreats in APAC.
Adrian Hia sets the stage: The Duality of AI
The event began with an address by our Managing Director for APAC, Adrian Hia, who shared valuable insights into the business achievements in the APAC region and the nuanced nature of AI’s influence. He expressed optimism about AI’s ability to bring about positive changes across industries and enhance lives, while also acknowledging the importance of responsible AI adoption and cybersecurity measures to mitigate potential risks. Adrian’s address set the stage for an event that would explore the multifaceted impact of AI on our world.
AI triggers: Suffering Distancing Syndrome
Vitaly Kamluk, Head of the APAC unit of Kaspersky’s Global Research & Analysis Team (GReAT), warned of the dark side of AI’s ascent. Cybercriminals employ AI to perpetrate malicious actions, often shifting blame onto technology and creating a psychological hazard he terms ‘suffering distancing syndrome”. As we delve into the darker corners of AI’s potential, we soon come across WormGPT and FraudGPT — sinister entities that exploit the capabilities of large language models (LLMs) to craft both malware and phishing tools. The unsettling prospect of an intelligent, independent threat actor emerging from the shadows leaves us grappling with ethical dilemmas and an urgent need for proactive measures to secure our digital future.
So how do we safely move forward and navigate our path in the world of AI? During his presentation, Vitaly Kamluk prescribed precautions while leveraging the benefits of AI:
- Limit anonymous access to advanced technologies
- Maintain records of generated content and synthesis methods
- Establish robust protocols for addressing AI misuse and abuse
- Provide clear reporting avenues with AI-based verification and human validation
- Empower users to identify AI-generated imagery, audio, video, and text
- Consider licensing for AI developers to mitigate potential harm
- Compel offenders to remain on the fringes with regulatory measures
- Promote widespread awareness of how to recognize artificial content
- Equip individuals to validate content authenticity and report abuse
- Incorporate AI education into school curricula
- Provide responsible technology usage-training for software developers
Our CEO’s vision: Cyber Immunity for All
Our CEO, Eugene Kaspersky, envisions a world where cyber immunity reigns supreme. He emphasized his mission: seamlessly integrating cybersecurity with the powerful concept of cyber immunity. AI, generally a force for good, also carries the potential to be used in the committing of cybercrime. His pivotal question, “Why not make systems unhackable and flexible?” resonates deeply.
He introduced Kaspersky OS, a beacon of technological hope, promising not only security but also cyber immunity — a world where systems remain impervious to cyberthreats while continuously optimizing their operation.
KasperskyOS is an operating system designed with a strong emphasis on security, and is primarily used in embedded systems, Internet of Things (IoT) devices, and critical infrastructure environments where security is of the utmost importance. This underscores our unwavering commitment to safeguarding the digital realm, where cybersecurity and cyber immunity become inseparable.
AI’s double-edged sword: Crafting Malware & Cybersecurity’s New Ally
Noushin Shabab, Senior Security Researcher, GReAT APAC, explored the dynamic potential of AI in crafting malware, revealing its dual nature as both a formidable asset and a looming threat in the APT landscape. She painted a vivid picture of a military-like landscape where AI-driven tools deftly navigate the phases of persistent threats. This fusion of AI and cyberattacks ushers in an era of unprecedented complexity, which will challenge cybersecurity experts to fortify digital environments within an ever-evolving threat landscape. Contemporary APT actors have evolved, weaving intricate strategies to evade detection and cultivate stealth techniques for extended infiltration. This narrative underscores AI’s potential to empower cybercriminals at every stage — from initial reconnaissance to the ultimate extraction of critical data.
Next up was Saurabh Sharma, Senior Security Researcher, GReAT APAC, exploring ChatGPT’s role as cyber-armor. Sharma unveiled its real-time applications, demonstrating how it bolsters the defense strategies of cybersecurity professionals.
He went on to highlight three essential domains. First, it excels in gathering threat intelligence by combing through the vast expanse of the internet to amass critical data concerning emerging cyberthreats, vulnerabilities, and threat actors. Second, when a cybersecurity crisis unfolds, ChatGPT proves invaluable in incident response. It swiftly aids in crafting an efficient strategy to contain an attack, minimize the damage, and expedite system restoration. Third, we have threat analysis: ChatGPT demonstrates its prowess by dissecting and comprehending cyberthreat data. It empowers cybersecurity experts with insights into the intricacies of an attack, its potential ramifications, and the tactics, techniques, and procedures (TTPs) employed by threat actors.
The event reached its climax with an enthralling expert panel discussion: a test for ChatGPT. Our experts challenged ChatGPT with the question, “What question can it ask Eugene Kaspersky in a media interview?” In response, ChatGPT astutely suggested a range of insightful inquiries, showcasing not only its linguistic prowess but also its ability to engage in meaningful, context-aware conversations. This seemed to underscore the invaluable role that advanced AI like ChatGPT can play in enhancing cybersecurity strategies and decision-making processes.
Amid the backdrop of intensive discussions and knowledge-sharing sessions, we curated an experience that struck a harmonious balance between learning and leisure. Our media friends and team members embarked on an exhilarating excursion to the enchanting Nusa Penida Island. This provided a great opportunity to connect, network, and forge stronger bonds.
Leading the charge at CSW!
The APAC Cybersecurity Weekend 2023 was an undeniable success, shedding light on the evolving AI threat landscape in the region. With visionary insights and practical solutions, Kaspersky is paving the way for a more secure and cyber-immune future. As the world continues to grapple with the AI paradox, Kaspersky’s commitment to protecting the digital realm remains unwavering.