#
Splunk Urges Users to Eat Their 'Cyber Vegetables' - Experts Warn of Vibe-Hacking Phenomenon
The annual Splunk.conf conference took place in Boston this week, where data observability specialist Splunk's cyber executives sounded the alarm on poor security practices that are hindering defenders and leaving the door wide open for both career cyber criminals and less sophisticated actors exploiting artificial intelligence (AI) agents and models to power attacks at scale. The phenomenon is being dubbed "vibe-hacking" by experts.
##
A Lack of Cyber Hygiene
Organisations' lack of attention to some of the most basic tenets of cyber hygiene not only continues to hamstring defenders but increasingly leaves the door wide open for attackers. According to Ryan Fetterman, senior security strategist at Cisco Foundation AI and Splunk SURGe, this is having a significant impact on businesses.
"We need to think about what are the problems we're trying to solve," said Michael Fanning, CISO of Splunk. "When you learn how to play basketball, you start by learning how to make a layup, how to shoot free throws, how to play defense – and those are some of the hallmarks of a good team, there's nothing fancy about that."
##
Vibe-Hacking: The Emerging Threat
Fetterman detailed an example of a ransomware incident in which the threat actor used an AI agent to help conduct a full ransomware attack chain from initial target reconnaissance to vulnerability exploitation to execution and encryption. What was particularly alarming was that this attack chain could be scaled across 16 victims.
"This is scary because it can obviously scale to more attackers and scale to more victims," said Fetterman. "Now the targets that may not have been appealing from a financial perspective previously can in aggregate bring more of a return for those attackers, and maybe organisations that would have been lower on the priority list are fair game."
##
The Importance of Cyber Hygiene
Fetterman and Fanning both emphasized the importance of paying attention to the basics. "Cyber vegetables are important," said Fetterman. "The reason for that is because the bar has been lowered for attackers using AI to scale their attacks and require less sophistication to do the things that they want to do."
According to Splunk, this means focusing on security best practices such as patching vulnerabilities, implementing robust backup systems, and staying vigilant against phishing attempts.
"The same is true with running cyber security – really nailing the basics in the core domains of cyber security is just an integral part of actually protecting your environment," added Fanning.
##
Avoiding Novelty
While it's understandable that some security leaders might be drawn to new technologies and capabilities, Fanning warned against giving in to novelty for its own sake. "Usually when that happens that’s indicative of a lack of strategy for your organisation," he said.
Instead, security leaders should define their top security initiatives and objectives and keep their teams focused on what truly matters. This will help avoid "pet projects" that serve only to distract and increase risk.
By prioritizing cyber hygiene and staying vigilant against emerging threats like vibe-hacking, businesses can protect themselves against even the most sophisticated attacks.