AI makes attacks on companies easier – and more dangerous

05. February 2025, Alexander Haugk

Phishing and social engineering have long been two of the most common and damaging methods for cybersecurity attacks. Cyber criminals are now using generative AI to make those methods even more dangerous, especially for financial fraud, industrial espionage and sabotage. What can be done?

Short & sweet

Cybercriminals are using AI to make phishing and social engineering attacks more dangerous.
Security-awareness training is increasingly important to combat evolving threats.
Specialized software to detect network anomalies can help.
Don't forget the basics: Close vulnerabilities and strengthen network security.

A company in the USA was looking for a programmer for its AI team. It advertised the position, screened applications and CVs, conducted (online) interviews, checked details and references, then finally hired a developer and sent him a company computer.

However, as soon as the new employee received the workstation, he began to install malware on it. The security team noticed and asked the new employee if he needed support – and the man disappeared from the radar. An investigation revealed that the new recruit was an industrial spy from North Korea. He had passed the standard pre-employment checks using a stolen identity from the USA and an AI-manipulated photo. The attempted infiltration was stopped – but only just.

There’s one more notable point about this incident: The company targeted is one of the largest providers of security awareness training to sensitize employees to the methods of cyber criminals. The story should be a warning to us all: If the HR department of a renowned security awareness specialist falls for AI-supported fraud, then it can happen to any company.

AI is a game changer

Since the early days of IT, two of the main security risks have been phishing (fraudulent emails or messages) and social engineering (duping the victim by exploiting social behaviors such as politeness, curiosity or the fear of contradicting a supposed superior or colleague). In the late 1970s, for example, the famous hacker Kevin Mitnick obtained the source code of DEC (one of the most important IT suppliers at the time) – not through elaborate hacking, but through social engineering: he simply contacted the system manager, pretended to be one of the company’s lead developers and claimed he had forgotten his password.

Such actions – whether they are aimed at financial fraud, industrial espionage or sabotage – are now much easier for cyber criminals thanks to AI. We all know how quickly generative AI technologies like ChatGPT can compose texts – and it doesn't take an AI any longer to write a phishing email than a Shakespearean sonnet. ChatGPT developer OpenAI has built-in barriers to prevent misuse, but attackers regularly bypass these either through cleverly worded instructions (prompts) or through one of many dark web services that offer ways to circumvent restrictions.

Even worse, AI not only makes it easier for cyber criminals to carry out attacks, but also accelerates them. Some can even be automated. This means that no company is immune to AI-supported phishing or ransomware attacks. The argument "As a company, we are far too small for cyber criminals to target us" has long since fallen victim to the sheer limitless scalability of cloud and AI resources.

The same applies to the language barrier. For a long time, companies in Germany considered themselves safe from the majority of targeted cybercrime operations because attacks required knowledge of the German language. But here too, AI is turning everything upside down. Anyone familiar with DeepL or Google Translate knows that AI translation models are good, getting better and probably not too far away from serving as real-time interpreters. According to a report by security specialist Trend Micro, various AI deepfake tools are already circulating on the dark web for falsifying the appearance, voice and language of celebrities and others in online conference calls for fraud purposes.

How can companies protect themselves?

An important first step is regular security awareness training. It is important to educate employees – not least those in HR – about how rapidly evolving AI tools are making phishing and social engineering a much greater threat today than in the past. Training should provide guidelines on how – and how not – to handle suspected attacks, and who to contact in an emergency.

Here are a few other helpful tips:

First, fact checkers at German public broadcaster Deutsche Welle have created useful instructions on how to recognize video and audio deepfakes.
Second, security and network monitoring solutions can continuously check a company network for anomalies and quickly alert the IT security team. A variety of managed service providers also can help companies without the in-house expertise needed for 24/7 monitoring.
Third, an important building block for controlling and securing company hardware, software and networks is a state-of-the-art Unified Endpoint Management (UEM) system. A UEM solution is essential for keeping PCs, mobile devices and other endpoints up to date with the latest patches, for detecting vulnerabilities, and for isolating compromised computers.

baramundi users have an advantage with comprehensive, integrated and automated solutions for software distribution, patch management, vulnerability scanning and more. Should a hacker gain access to a company device, the IT team can quickly disconnect it from the network, eliminate the threat and re-provision the device with clean software.

Home advantage for baramundi users

In the end, if you take care of the IT management essentials, your company will be better equipped to prevent and resolve AI-related and other security incidents. Our free Vulnerability Management white paper provides valuable advice for staying on top of evolving cybersecurity threats.

Eliminate vulnerabilities automatically – learn more in our free whitepaper

View all posts