AI's Cyber Threat: Two People on a GPU Can Now Target Companies

Summary

The accessibility of advanced AI tools, like 'Mythos,' is rapidly democratizing cyberattacks, allowing even non-sophisticated actors to perform actions previously requiring elite skills. This shift means the potential number of threat actors is dramatically increasing, moving from a few dozen highly skilled groups to potentially just two individuals with sufficient computing power. This democratization impacts individuals, companies, and even nation-states, with organizations like US Cyber Command already integrating AI. The core challenge for defenders is keeping pace with attackers operating at 'machine speed.' This is why contextual security platforms like Nebulon are crucial. Nebulon's founder, Damien Lucius, highlights that companies often invest in best-of-breed security tools but still get breached because isolated solutions don't address the root cause of breaches. He emphasizes the need for a proactive approach, similar to threat hunting, which assumes a breach and actively seeks risks before they become major incidents. Key indicators of compromise include slow, consistent data exfiltration resembling backups, performing actions outside an employee's role, and establishing persistence mechanisms like installing remote tools or multiplying account access. Lucius stresses that AI is automating the initial stages of the cyber kill chain, from reconnaissance to exploitation, significantly lowering costs for attackers and making breaches more accessible. While AI presents challenges, it also offers solutions for defenders, and the current window of opportunity to adapt technology and prepare for what's next is critical. Inaction is the greatest concern, rather than AI's catastrophic destruction.