0:04 ladies and gentlemen data is the new
0:07 gold we are becoming more and more
0:09 involved with it in our daily lives
0:12 whether it be the Internet of Things
0:14 self-driving Cars Smart AI or even the
0:16 up and cominging neuralink all of them
0:18 rely on the flow of data to operate with
0:21 increasing Reliance on data to drive
0:22 day-to-day operations this begs the
0:24 question how do we know that all of this
0:27 data is secure and safe from the hands
0:29 of hackers
0:30 this is a question that goes mostly
0:32 unanswered and will be the main focus of
0:34 my talk today with cyber attacks and
0:37 data breaches escalating exponentially
0:39 in size and severity neglecting cyber
0:41 security is an issue that empowers
0:44 hackers Beyond anyone's wildest
0:45 imaginations and a mistake that will
0:47 cost us colossally in the long
0:49 run now in order to truly go beyond the
0:53 human in order to truly move forward as
0:55 a species we must ensure that the tools
0:57 we use to do so are safe and secure for
0:59 every everyone to
1:01 use now I would like to set the scene
1:04 I'm sure you've all seen the advanced AI
1:07 models and their magical capabilities uh
1:09 open AI uh chat GPT Google's B github's
1:13 co-pilot you name it you some of you
1:15 might have even used it to increase your
1:17 productivity tenfolds ladies and
1:19 gentlemen what if I told you that you
1:21 were not the only people using these to
1:24 increase your
1:25 productivity as it stands like a dog is
1:28 a man's best friend AI is a hacker's
1:31 best friend and it proves a surprisingly
1:33 capable assistant in manipulating both
1:35 the human and the
1:37 computer now this brings me to my first
1:41 point which is ai's ability to write
1:43 malware and exploit code now while AI
1:47 models are centuries even Millennia away
1:49 from actually replacing programmers
1:51 that's not to say that they aren't
1:52 efficient at writing code namely
1:55 dangerous code that can be used against
1:57 internet infrastructure and systems
1:58 worldwide to prove prove my point I
2:01 asked a nondescript AI to write me
2:05 malware now disclaimers do not under any
2:08 circumstances do this this is for
2:09 educational purposes only that being
2:12 said this is its response and here is
2:16 what it
2:17 returned Now ladies and gentlemen this
2:20 right here is a polymorphic
2:22 self-encrypting virus what this virus
2:25 does for those of you who are unfamiliar
2:26 with computer terminology is it is a
2:29 virus that can change its appearance at
2:31 will which makes it very very difficult
2:33 to track and basically makes it go
2:35 undetected by most antivirus Solutions
2:37 today now keep in mind ladies and
2:39 gentlemen that this was created in
2:41 seconds by a board high schooler imagine
2:44 what a hacker with more Ingenuity and
2:46 more time on their hands can do is this
2:48 terrifying you yet it gets
2:52 worse consider the fact that most
2:54 companies nowadays neglect cyber
2:57 security yes even the major ones for for
2:59 example Toyota in May 2023 released
3:03 released the fact that they had been the
3:05 victim of a decade long data breach
3:08 which compromised millions of user
3:10 accounts with cyber attacks increasing
3:13 rampantly and becoming much more Savage
3:17 and companies stagnating and refusing to
3:20 improve their cyber policies this stands
3:23 to lead to a cataclysm ladies and
3:25 gentlemen in which your data is the
3:28 victim
3:30 now the intrinsic value of AI to a
3:33 hacker is not in its ability to write
3:35 bad code it is actually in its ability
3:37 to manipulate people social engineering
3:40 is a class of attack that is becoming
3:42 increasingly more prevalent with 41% of
3:44 major breaches happening due to uh this
3:47 type of attack now it it is an attack
3:50 which involves a hacker manipulating a
3:53 human and coercing them into try uh into
3:55 doing their
3:56 bidding so AI can also help with this in
4:00 a very very efficient manner now now
4:03 let's take a look at this from the hands
4:04 of a hacker right so here is our victim
4:07 John Doe so we want is Bank details the
4:10 first step is we basically compile a
4:12 list of public information so we found
4:15 online via social media and other forums
4:17 that he's 23 he's Junior analyst uh he's
4:20 a bit of a hustler and he's kind of
4:22 struggling with his finances so we Ed
4:24 this and feed it to this AI model once
4:26 again non descript for legal reasons and
4:29 it returns a very very efficient very
4:33 very convincing script over here which
4:37 is sent which would be sent in an email
4:39 to him which would get him to click on a
4:40 mips link now this uh email prompt uses
4:46 time urgency and consequences introduces
4:49 consequences in order to get him to
4:51 click on a link now Ladi and gentlemen
4:54 you might think that oh yeah this is
4:55 just a simple scam email I won't fall
4:57 for this well I have two things is safe
4:59 to that both of them indicate that you
5:01 are wrong first off it is becoming
5:03 increasingly harder for people to tell
5:05 the difference between AI generated
5:07 content and real content and second off
5:09 a 2021 study conducted by it firm AAG
5:13 looked into fishing attacks and found
5:15 that the success rate jumped from 18% to
5:17 51% when the attacks were personalized
5:19 like we did here now ladies and
5:23 gentlemen that is a coin toss
5:25 probability do you want the Integrity of
5:27 your
5:28 data reliant on a coin
5:31 TOS now some of you might roll your eyes
5:34 At The Mention of your data think it's
5:35 completely different completely separate
5:37 from who you are as a person and think
5:39 it has no bearing on your life well
5:42 let's contextualize this ladies and
5:43 Gentlemen let's play a game raise your
5:46 hands if you have bought something
5:48 online at any point in
5:51 time raise your hands if you have
5:54 private documents on your computer or if
5:56 youve done something private
5:58 online
6:00 raise your hands ladies and gentlemen if
6:02 you have a smart device such as an
6:04 Amazon Alexa or Google home sitting in
6:06 your house right
6:07 now the majority of you said yes ladies
6:10 and gentlemen all this data act as
6:13 strings to which a sufficiently skilled
6:15 hacker can control you like a puppet as
6:17 a result security of your data
6:20 matters now we've kind of looked at how
6:23 exactly hackers can use modern
6:25 Technologies to kind of uh you know
6:29 Havoc start chaos but one thing I think
6:32 that is even more important is how do we
6:34 fight back Where Do We Go From Here
6:36 simple We Fight Fire with Fire so you
6:41 can use these AI generative models as
6:43 well to uh read Kafkaesque absurdly long
6:46 terms and conditions to actually make
6:48 informed decisions based on how the
6:50 companies how companies handle your data
6:52 this is a very efficient tool as it
6:54 allows you to get to what matters most
6:57 Furthermore with the rise of social
6:59 engineering ing attacks you can also use
7:01 generative AI to detect these social
7:03 engineering attacks as these models are
7:05 very efficient at detecting what they
7:08 have generated
7:10 furthermore if you are a programmer you
7:13 can also use generative AI to write
7:15 mundane boilerplate code in templates so
7:17 you can focus on the bigger picture as a
7:19 whole uh you know system security
7:21 scalability and efficiency all of this
7:24 combines to make a very very very robust
7:27 cyber strategy and secure your data
7:29 pretty efficiently Now ladies and
7:32 gentlemen as I've said before in order
7:35 to truly go beyond the human cyber
7:38 security must be considered in order it
7:41 is something that is beyond every single
7:43 one of us and it is something that we
7:44 are all responsible for in order to
7:46 usher in a new age we must make sure
7:48 that the tools used to do so are safe
7:51 thank you ladies and
7:53 [Applause]
7:57 gentlemen
Chrome Extension