Kathy Gibson reports from Gitex Africa Morocco 2024 – Generative artificial intelligence (GenAI) has the potential to help improve cybersecurity defences – but it can be a powerful threat actor too.

No-one is safe, says Ravi Bhat, chief technology and commercial solutions officer at Microsoft Africa.

And these breaches are costing us big: the average cost to an organisation is $4,5-million. “No-one has that kind of money in a slush fund.”

Bhat relates some of the details of an attack that took place two years ago, and which is known as “the Mother of all Breaches (MOAB)”. The breach was discovered in January this year by security researcher Bob Diachenko of Security Discovery.

In that breach, 26-billion records were impacted, comprising 12Tb of data from 3 876 organisations were compromised, and $10-trillion was demanded in ransom

“We have more of these attacks taking place all over the world, all the time,” Bhat adds. “They include financial institutions, telcos, healthcare organisations and governments, all of which have experienced hundreds of millions of dollars in ransomware attacks.”

Today, all organisations have a high propensity for being breached, unless they do something to actively prevent it.

The cybercriminals are very efficient. Indeed, if they were a country, they would have the third-largest GDP in the world, after the US and China – and it is growing faster than most economies,

Cybercriminals have an unfair advantage in that they are able to use technologies that are not available to many organisations. This has resulted in a marked increase in cyberattacks, along with a shift in their tactics.

But we are not in a position to meet the attacks, Bhat says. There are currently 3,6-million vacant jobs in cybersecurity, and no-one available to fill them. AI has a role to play in plugging this gap.

Rami Calache, cybersecurity lead for Africa at Microsoft, says generative AI (GenAI) is being used very effectively by attackers, which means that defenders should be using it too.

“At the same time, we need to secure and govern the GenAI tools that people are using to ensure they are not breached.”

He points out that the attackers only have to succeed in one of their attacks, but the defenders have to be successful all the time.

“If we are not using AI in defense, it is like using a sword and shield against a machine gun. It is not fair at all.”

Cybercrooks are using GenAI to develop new malware, to do automated vulnerability discovery, to customise exploits, to crack password, to create advance phishing and social engineering sites, to disguise malicious code, and to enhance their command and control communication to adapt and evolve their attacks.

“It is our vision to tip the scale towards the defenders,” Calache says.

To do this, Microsoft focuses on ensuring that the digital landscape is protecting users end to end.

“We also need to use large scale data and threat intelligence to identify attacks. And we have to ensure our GenAI tools are being used responsibly and securely.”

Microsoft has combined its traditional end to end security tools with Copilot for Security. “This is the first GenAI security product that empowers security and IT teams to defend at the speed of AI,” says Calache.