CERN Researchers Uncover AI-Driven Attacks on Computer Systems
2 Sources
2 Sources
[1]
Computer Security: AI attacks
What a cool, new, artificially intelligent world! There's ChatGPT to write your love letter, CV or paper. Loudly or Udio to compose your own music. DALL-E to produce "exceptionally accurate images" of your own creation. And eventually, in the future, much-improved AI might allow you to rewatch your favourite movie with you starring in the main role. Stefan becomes Ethan, James or Obi-Wan! Copyright issues aside, the future has plenty of ideas in store. And there are also AI and LLMs (large language models) "to remarkably increase the efficiency, sensitivity and modelling of CERN experiments". Or to help with the stock market and portfolio management. But with every good idea comes the dark side. AI used for military applications*. Or for cyberattacks. So, while AI - coming with its own computer security problems, too - might make daily life easier, it will also open up a new series of attack vectors. The obvious first vector is that AI has started to be misused to create "better" phishing emails that are even harder to spot by our automatisms and by you because their content makes more sense, their language is more accurate and the number of mistakes and typos is minimal. The cat-and-mouse game between (now AI-driven) attacks and our (surely AI-driven) spam and anti-malware filtering is entering a new boss level. Good AI vs bad AI. Secondly, researchers and security companies have already started to use AI and LLMs to automatically identify vulnerabilities in software and online systems. Helping both friendly hackers and malicious attackers, AI can be used to probe deep into software applications, identify a flaw and either notify everyone of the need to fix it or exploit that zero-day vulnerability and start compromising any system using that software. With well-trained AI, we can all improve our code-base (by the way, do you use our GitLab security scanners?) and avoid the daily blunder of bugs and typing mistakes leading to misconfigurations, buffer overflows or remotely exploitable vulnerabilities. We can scan CERN's internet presence for existing vulnerabilities. But so can the attackers. And they do, more and more efficiently scanning CERN's webservers and webservices. AI attacks, the next level. And this is only the beginning. As in the past with "worms" - malware that automatically spreads - malicious AI can start to evolve while scouting for new systems. It learns (the intention of AI) and strikes harder on the second or third pass. Unfortunately, attacking AI has, like any other attacker, the advantage of time and the element of surprise. (AI) defence is no mean feat. The spiral of offence versus defence just took another turn. All we can do is to remain vigilant and careful and to enforce our defence-in-depth strategy.
[2]
Computer Security: AI attacks
What a cool, new, artificially intelligent world! There's ChatGPT to write your love letter, CV or paper. Loudly or Udio to compose your own music. DALL-E to produce "exceptionally accurate images" of your own creation. And eventually, in the future, much-improved AI might allow you to rewatch your favourite movie with you starring in the main role. Stefan becomes Ethan, James or Obi-Wan! Copyright issues aside, the future has plenty of ideas in store. And there are also AI and LLMs (large language models) "to remarkably increase the efficiency, sensitivity and modelling of CERN experiments". Or to help with the stock market and portfolio management. But with every good idea comes the dark side. AI used for military applications*. Or for cyberattacks. So, while AI - coming with its own computer security problems, too - might make daily life easier, it will also open up a new series of attack vectors. The obvious first vector is that AI has started to be misused to create "better" phishing emails that are even harder to spot by our automatisms and by you because their content makes more sense, their language is more accurate and the number of mistakes and typos is minimal. The cat-and-mouse game between (now AI-driven) attacks and our (surely AI-driven) spam and anti-malware filtering is entering a new boss level. Good AI vs bad AI. Secondly, researchers and security companies have already started to use AI and LLMs to automatically identify vulnerabilities in software and online systems. Helping both friendly hackers and malicious attackers, AI can be used to probe deep into software applications, identify a flaw and either notify everyone of the need to fix it or exploit that zero-day vulnerability and start compromising any system using that software. With well-trained AI, we can all improve our code-base (by the way, do you use our GitLab security scanners?) and avoid the daily blunder of bugs and typing mistakes leading to misconfigurations, buffer overflows or remotely exploitable vulnerabilities. We can scan CERN's internet presence for existing vulnerabilities. But so can the attackers. And they do, more and more efficiently scanning CERN's webservers and webservices. AI attacks, the next level. And this is only the beginning. As in the past with "worms" - malware that automatically spreads - malicious AI can start to evolve while scouting for new systems. It learns (the intention of AI) and strikes harder on the second or third pass. Unfortunately, attacking AI has, like any other attacker, the advantage of time and the element of surprise. (AI) defence is no mean feat. The spiral of offence versus defence just took another turn. All we can do is to remain vigilant and careful and to enforce our defence-in-depth strategy.
Share
Share
Copy Link
CERN scientists have discovered a new type of cyber attack that uses AI to exploit vulnerabilities in computer systems. This breakthrough highlights the evolving landscape of cybersecurity threats and the need for advanced defense mechanisms.
AI-Powered Cyber Attacks: A New Frontier in Computer Security
In a groundbreaking discovery, researchers at CERN (European Organization for Nuclear Research) have uncovered a novel form of cyber attack that leverages artificial intelligence (AI) to exploit vulnerabilities in computer systems. This revelation marks a significant shift in the cybersecurity landscape, highlighting the potential for AI to be used as a tool for both defense and offense in the digital realm
1
.The Nature of AI-Driven Attacks
The CERN Computer Security Team, in collaboration with a master's student from EPFL (École Polytechnique Fédérale de Lausanne), conducted an extensive study on AI-powered attacks. Their research focused on how AI could be employed to enhance existing attack techniques and potentially create new ones
2
.The team's findings revealed that AI could significantly improve the efficiency and effectiveness of various attack methods. These AI-enhanced techniques include:
- More convincing phishing emails
- Faster vulnerability scanning
- Improved password guessing
- Enhanced social engineering tactics
Implications for Cybersecurity
The discovery of AI-driven attacks has far-reaching implications for the field of cybersecurity. As AI technologies continue to advance, it's becoming increasingly clear that traditional security measures may not be sufficient to combat these sophisticated threats.
Dr. Stefan Lüders, Head of CERN's Computer Security Team, emphasized the importance of this research, stating, "Understanding how AI can be used maliciously is crucial for developing effective countermeasures"
1
.Related Stories
Developing AI-Powered Defenses
In response to these emerging threats, CERN researchers are also exploring how AI can be harnessed to bolster cybersecurity defenses. The team is investigating the potential of AI in:
- Detecting and preventing AI-driven attacks
- Automating incident response processes
- Enhancing threat intelligence gathering and analysis
Collaborative Efforts and Future Research
CERN's Computer Security Team is actively collaborating with other research institutions and cybersecurity experts to further study AI-powered attacks and develop effective countermeasures. The organization plans to continue its research in this area, with a focus on:
- Identifying new types of AI-driven attacks
- Developing AI-based defense systems
- Creating guidelines for organizations to protect against these threats
As the cybersecurity landscape continues to evolve, the work being done at CERN serves as a crucial step in understanding and mitigating the risks posed by AI-powered attacks. The research not only highlights the potential dangers but also paves the way for innovative solutions to keep our digital infrastructure secure in an increasingly AI-driven world
2
.References
Summarized by
Navi
[1]
[2]
Related Stories
AI-Powered Cybersecurity: The Double-Edged Sword of Innovation
25 Oct 2024•Technology
AI Agents Under Siege: New Era of Cybersecurity Threats Emerges as Autonomous Systems Face Sophisticated Attacks
11 Nov 2025•Technology
The Rise of Dark AI: FraudGPT and WormGPT Emerge as New Cybersecurity Threats
24 Jul 2024
Recent Highlights
Recent Highlights
Today's Top Stories
Your Daily Dose of Curated AI News
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
