AI has irrevocably changed the cyber security landscape, becoming a double-edged sword both increasing cyber risk and enabling organisations to better defend their environments.
This is according to Henry Denner, Managing Director at SecureConekt, a partner of CipherWave, who sees cyber security becoming an AI versus AI battlefield.
Denner notes: “AI has lowered the barrier to entry for cyber criminals. Attackers now use AI to automate reconnaissance and exploit discovery, craft sophisticated, personalised phishing e-mails, deepfakes and social engineering scams, and launch faster, more adaptive and more targeted attacks. The result is that attacks are more sophisticated and harder to defend against – especially for organisations using outdated systems or lacking dedicated security teams.”
Trevane Paul, CEO of Conekt Holdings, adds: "This isn’t just a new wave of cyber crime. It’s a full-scale arms race – and the only thing standing between your business and an AI-enabled threat actor is how fast and how smart your defence stack really is."
“AI has given nefarious people some exceptionally powerful tools,” Denner says. “AI models like WormGPT, which, unlike their ethically aligned counterparts (ChatGPT, Copilot, Gemini, etc), can generate harmful code and detailed exploitation strategies and techniques that would allow an attacker to successfully exploit and compromise an IT system. In live tests, WormGPT successfully identified and exploited vulnerabilities in publicly accessible websites, outperforming traditional security tools in evasion techniques. In one instance, the WormGPT located a multifactor authentication weakness on a website and generated fully working attack code personalised to that website.”
He says the development and distribution of these malicious AI tools is accelerating, with versions becoming more sophisticated and accessible via platforms like Telegram for as little as $50.
Paul says: "If cyber crime is productised and sold like SaaS, then every business is a potential subscriber to risk. What costs R1 000 on Telegram could cost your company millions if you're not ready.
“Importantly, cyber criminals no longer require highly technical people with specialised skills to develop malware – they can simply use AI. Therefore, we can expect a flurry of new types of attacks, more believable scams and increased door-knocks.”
The widespread adoption of AI without proper controls is increasing risk, as the truth can be deliberately obscured by very believable fabrications,” he says.
“Cyber defence innovation will need to catch up with this new wave as it grows, and organisations will need to use the same tools as effectively as threat actors do,” Denner says. “Traditional cyber security measures are struggling to keep pace with the speed and adaptability of AI-driven attacks. The non-deterministic nature of AI models complicates prediction and prevention efforts, and experts emphasise the need for AI-based defensive systems that can match the agility of offensive AI tools.”
AI will play an increasingly important role in cyber security, he says. “AI is becoming essential in threat detection and automated incident response, continuous vulnerability management, reducing alert fatigue in SOC operations, and compliance and risk scoring in real-time. It’s helping organisations move faster and smarter.
“Fundamentally, what's going to happen here is it's going to be a battle of the AIs – the good versus the bad. When an AI is attacking you from a hacker perspective and you've got an AI-based defence mechanism, which one's going to prevail? At SecureConekt, we’ve integrated AI into our entire security framework to help clients detect, respond and evolve to even AI-enabled attacks in real-time,” he says.
Paul wraps up by saying: "Let’s be clear: this is not the end of cyber security as we know it. It’s the beginning of a new chapter – where smart, responsive AI defences will separate the secure from the breached. At SecureConekt, we’re not just preparing for that future. We’re already building it."
This is the fourth in a series of press releases by CipherWave and SecureConekt on AI and cyber security. To read the full series, click here.
Share