
Chinese translation published by Fortune China. Translator: Liu Jinlong. Reviewer: Wang Hao.
The tech industry is abuzz over the business potential of AI “agents,” which can execute tasks on their own. For those tasked with protecting organizations against cybercriminals, however, the influx of AI agents will mean preparing for a challenging new adversary.
Security experts now view “agentic” AI tools that engage in multi-step problem solving and act autonomously as one of 2025’s biggest threats. And while the explosion of AI-enabled hacks powered by generative tools like OpenAI’s GPT models may not have been as bad as some feared, AI agents present cybercriminals with a powerful new upgrade to their arsenal, changing the tool from a basic assistant to an active and eager co-worker that never needs to sleep.
The concern is that these new AI agents could overwhelm cybersecurity defenders and businesses alike at a time when the workforce is struggling to keep up.
“The risk of agentic attackers is that it could make ‘big game’ attacks an everyday norm, overwhelming security teams,” said Mark Stockley, cybersecurity evangelist at the cyber firm Malwarebytes. Big game attacks typically go after high-profile targets with millions or billions in company coffers.
Stockley said that AI agents “could scale up big game ransomware attacks enormously, freeing cybercriminals from the scaling problems that currently hold them back.”
At the same time, new research from Google’s Threat Analysis Group is showing tighter collaborations between criminal hackers looking for financial gain and nation-states seeking to hide malicious activity. The U.S. and international allies face increasing difficulty using disruptive methods as the criminal ecosystem becomes more resilient against law enforcement activities; malicious hackers are quick to replace and be replaced in today’s criminal underworld.
“The marketplace at the center of the cybercrime ecosystem has made every actor easily replaceable and the whole problem resilient to disruption. Unfortunately, many of our actions have amounted to temporary inconveniences for these criminals, but we can’t treat this like a nuisance and we will have to work harder to make meaningful impacts,” Sandra Joyce, vice president of Google Threat Intelligence, said in a statement.
More velocity, more risk
Experts warn that the time is drawing to a close when current AI models amount to “limited incremental capabilities for malicious cybersecurity tasks,” as OpenAI noted in a February 2024 report. What’s more, the increase in AI tools for software development will inevitably result in an increase in bad code, and as a result, more vulnerabilities will be available for hackers and their AI agents to abuse.
“Unfortunately, all the models were trained on code that has vulnerabilities, so the generated code will too. That means more code, more vulnerabilities, more velocity, and more risk for consumers,” said Jeff Williams, co-founder and chief technology officer at the software security firm Contrast Security.
Stockley, of Malwarebytes, points out that one of the natural bottlenecks on ransomware attacks has long been the number of skilled hackers plying their trade, versus the skilled security professionals working to stop them. That balance could be upset as AI agents proliferate.
Take email phishing as an example: hackers use text generation tools to create realistic lures for victims who have become wise to lower-quality scams such as the fake Nigerian prince. Generative AI tools are an easy way to increase the scale and believability of those types of attacks — but that can only get a would-be hacker so far, since learning how to turn a malicious click into steady income is a challenge not as easily solved. Agents could be the next step to advising those would-be hackers on what to do after successfully tricking a victim.
“In the short term, organizations will need to turn to automation to ensure their attack surface is always as small as possible, and that security teams are free to focus on high impact, high value work,” said Stockley. Future goals for a business looking to keep up with the scale of threats would be to invest in cybersecurity-focused AI agents to further scale up defensive efforts, he said.
Malwarebytes’ report warns that well-funded ransomware gangs could use agents to attack multiple targets at the same time. Already, 2024 saw the biggest increase of known attacks even as some of the largest players like LockBit and ALPHV saw increased disruptions from law enforcement.
The scale of attacks is further expected to be exacerbated by the increase of states looking to purchase cyber tools and capabilities from criminal hackers, according to Google’s latest report.
“The enormous volume of financially motivated intrusions occurring every day also has a cumulative impact, hurting national economic competitiveness and placing huge strain on cyber defenders, leading to decreased readiness and burnout,” said Google’s report.
A cyberattack that appears to be a run-of-the-mill ransomware extortion could actually be the work of state-backed hackers with far more resources and patience than your typical hacker, raising the threat to a business exponentially.
Businesses looking to protect themselves against state-backed hackers are often far outmatched, but can protect themselves by taking some basic security steps to modernize legacy systems, which are often an easy first target for ransomware gangs and state-backed hackers alike.