Cybersecurity Pros Say IoT, Large Language Models Are Risk Areas of Concern
When it comes to systemic cyber risks, cybersecurity experts have identified two emerging areas of concern: Internet of Things (IoT) devices and large language models (LLMs). A recent survey conducted by CyberCube and Munich Re has shed light on these risk areas, highlighting the need for organizations to take proactive measures to mitigate potential threats.
The survey, which gathered expert judgment from nearly 100 cybersecurity professionals, found that IoT devices pose the biggest concern in the near term. Ethan Spangler, lead economist at CyberCube, attributes this to the recent increase in attack surface. "You suddenly have machines that weren't connected and vulnerable now being connected and open," he explained. "Yes, there is a massive efficiency gain, but it's also a massive security risk that you now have to worry about."
IoT devices, particularly those used in manufacturing settings, can improve efficiency by providing real-time insights into production levels and other telematics-based information. However, this interconnectedness makes companies vulnerable to ransomware attacks that can shut down production lines. On the consumer side, hacking into and shutting down large swaths of IoT devices, such as WiFi-enabled smart fridges, could also cause chaos.
LLMs, on the other hand, have been shown to be productivity enhancers across industries, allowing users to quickly learn and implement cybersecurity methodology on both the defense and attack sides. For attackers, these language models can be used to inform hacks and to scale sophisticated spear phishing operations. As Spangler noted, "LLMs are already being used in cyberattacks... It's not a rogue SkyNet agent attacking. It's people using these tools to enhance their own abilities."
Conversely, on the defense side, LLMs also allow practitioners to analyze the sentiment, origin, and prior communications of messages to better detect phishing attempts. Respondents differentiated their views between artificial general intelligence (a hypothetical form of AI that would possess the ability to perform intellectual tasks on the same level as humans) and LLMs, with the latter being seen as having an impact now and AGI being a greater concern in five or more years.
The survey also found that another widespread malware event on the scale of WannaCry or NotPetya would not surprise most experts. According to Cloudflare, the WannaCry malware worm spread to 200,000 computers in over 150 countries in 2017, and NotPetya impacted at least 2,000 organizations that same year. Experts said that a 10% global infection rate would be surprising, and a 25% rate would be truly shocking.
Respondents identified patch management, network segmentation, and data backups as the most effective mitigations against widespread malware attacks. "When done effectively, such mitigations can reduce the chance of being affected by a widespread malware attack by 50% to 80% and reduce the financial impacts of such an event by a similar amount," the report said.
Furthermore, CyberCube and Munich Re's research found that the most effective mitigation against cloud outages is to establish a multi-region architecture with the cloud service providers (CSPs) used for critical business applications. "Having multiple CSPs was not found to be effective, as organizations commonly use different CSPs for different objectives, and the option to transfer service during an outage of one provider was seen as unfeasible," the report said.
As cybersecurity experts continue to monitor these emerging risk areas, it is clear that organizations must take proactive measures to mitigate potential threats. By staying informed and implementing effective mitigation strategies, companies can reduce their exposure to IoT and LLM-related cyber risks and minimize the financial impacts of widespread malware attacks.