Mikko Hypponen has spent decades at the heart of the battle against… MalwareThis 54-year-old expert was able to defeat some of the most deadly computer programs and track down their makers to determine the first computer from which they were launched. He also began selling information safety software since he was a teenager in his hometown of Helsinki in Finland.
Writer Thomas Macaulay says in an article published by “The Next Web” website: This engineer has won many awards and honors and appeared on Foreign Policy magazine’s list of the 100 greatest thinkers. He now holds the position of chief researcher at “WithSecure,” which is the largest cybersecurity company in the world. Scandinavian countries.
The writer explained that this Finnish expert is also the founder of the Internet Malware Museum, but his long career in this field is today at stake in the face of developments in the world of the Internet, specifically with the rapid development achieved recently in the field. artificial intelligence. “Artificial intelligence is changing everything,” Mikko says. “It represents a revolution that will be bigger than the Internet.”
According to the writer, Miko expects this revolution to have a positive impact on the world, but he does not hide his concern about the cyber threats that will accompany these transformations.
At the beginning of this year, 2024; Mikko Hypponen revealed the 5 most serious concerns, from his point of view, that should be paid attention to during the new year.
1- Deep fake
Scientists have long considered deepfakes the most exploitable area of artificial intelligence for criminals, although the technology has not yet matured to the point of mimicking reality and being impossible to detect.
But in recent months, concerns in this regard have increased after attempts to use deep fakes in video and audio clips increased by 3,000% during 2023.
In this world witnessing an information war, fabricated video clips are witnessing a crazy development, and this has been clearly demonstrated in several examples, including composite clips of the Ukrainian president. Volodymyr Zelensky With the beginning of the Russian invasion.
This trick is being used on other, less important domains, including, for example, what was exposed last October, when a fake video clip was spread on… Tik Tok It features social media influencer Mr. Beast offering to distribute iPhones for just $2.
The fake video clips aimed at fraud and stealing money remain unsuccessful so far, as Mikko Hypponen saw only three of them that achieved their goal, but he expects the number to increase significantly, given that the quality and accuracy of these clips, the wide scope of their circulation and the ease of production as well, are all factors that will contribute. In its spread, he says: “This phenomenon is still not widespread, but it will become a serious problem in a short time.”
Miko believes that in order to reduce risks; Anyone exposed to these scams must use distinct words to reveal whether the person they are addressing via video call is real or fake.
For example, when communicating with a colleague or relative, if the caller asks you for sensitive information, transfer a sum of money, or send a private file, you must ask him for a distinctive word about a topic that no one knows except you.
Although this idea may seem ridiculous now, it is absolutely necessary to protect against deception. Miko believes that “using a password or security word at the present time is a very cheap method of protection, but it must be resorted to during the year 2024.”
Deep web scams
Although this hoax may closely resemble deepfake videos, it does not necessarily rely on fabricated video or audio clips. In this case, the word deep refers to the massive nature of this scam, using automation to direct the scam to an infinite number of people.
Fraudsters who use this method are active in various fields, including investment, stealing electronic accounts and tickets, and even in the field of romantic relationships.
An example of this is the case of the famous scammer on the dating app “Tinder,” who managed to steal up to $10 million from women he met online.
Imagine if this scammer was using Big Language Models (LLMS) to spread his lies and fabricate images to prove his claims, or was using software to translate his speech into several languages, Then the number of his victims would have been much greater.
Miko believes that if this person had used deep scams or deep deception techniques, he would have been able to deceive ten thousand victims instead of three or four.
The “RNB” website for renting rooms and houses is also witnessing intense activity for this type of scam, where stolen photos from other properties found on the Internet are used to convince those searching for housing and push them to send money to make the reservation.
3- Large Language Model Malware (LLMS)
Miko warns that artificial intelligence has actually begun to develop malicious software, and the research team he leads has been able to uncover three electronic worms that launch huge language programs to rewrite programming codes. Although this tool has not yet been used in practice, it has been found on the Internet, and it works effectively.
These worms, which use the OpenAI artificial intelligence platform, design software that is pre-trained to produce various codes specific to each targeted victim. It is really difficult to detect these worms, although the OpenAI website periodically detects them and places them in the list of malware.
However, Miko warns that online fraudsters can download large language models on their computers and use them on a local scale away from the Internet, and therefore artificial intelligence platforms cannot detect and report them.
These methods also allow fraud of the rules of use, and the publication of materials containing violence, pornography or deception. For this reason, the OpenAI platform still has significant restrictions on users.
4- Day zero attack
Another concern that concerns cyber experts is the exploitation of zero-day attacks, which rely on attackers discovering vulnerabilities or vulnerabilities before developers can find solutions for them.
Currently, artificial intelligence can detect these vulnerabilities early, but in other cases it can be the one who creates these vulnerabilities.
“It's nice to be able to use AI to find vulnerabilities in the software you're developing, so you can patch them before it's too late,” Mikko says. “But malicious intent can also use AI to find and exploit these vulnerabilities.”
These situations are still in their infancy, but Miko expects them to spread widely within a short time.
5- Automated malware
WithSecure, the company that Miko works with, decided to adopt full automation in developing defense and protection methods decades ago. This gave the company a head start over cybercriminals who had been operating manually for years. But now with the spread and ease of using automation in cyber attacks and malware spreading, the superiority of cyber security companies no longer exists.
Miko believes that the bet is now based on who can develop and use artificial intelligence best. This intense confrontation will begin soon, and its results will be fateful, to the point that fully automated malware will become the number one cyber threat in the world in 2024.