The ferment in the banking industry touched off by the collapse of Silicon Valley Bank has created opportunities for fraud, as bad actors try to take advantage of the surrounding duress to launch attacks.
And artificial intelligence has only made a difficult situation worse.
When chaos strikes a financial institution, as it did at SVB, lenders turn their focus to staying alive. But because generally banks are consumer-based businesses, the bad guy’s focus will be on devising fake campaigns to try to siphon off money.
And in fact, shortly after SVB failed, reports started emerging that scammers were exploiting the situation to send malicious emails to customers affected by the collapse.
The advent of AI has compounded the problem because the speed from pivoting from an event to taking advantage of that event is now exponentially higher than before. If, in the past, it would take time for malicious actors to put together artifacts like videos and other narratives, technology has slashed the time to market.
This sort of campaign can now be launched very quickly and very massively because people can now whip up things like domains in a matter of minutes, unleash the campaign, and then disappear from the face of the earth as quickly as they appeared.
That’s a big challenge for the cyber community, especially when it’s in the midst of trying to put out a fire. Things are coming at us at a very high velocity and we have to react, but we’re not very well equipped to deal with these things. As a result, these types of fraud that try to take advantage of a bad situation are really effective.
Most of our controls and defenses today are reactive. We wait for something to show up, and only then devise something to counter its effect. Because AI-generated material can look so authentic and launch so quickly, by the time we figure out what has happened and come up with countermeasures, the damage is done. Our defenses won’t pick it up, because they won’t detect the trigger.
In the case of the banking industry, not only can millions of dollars be drained from customers’ accounts, but worse yet, the bank’s reputation will suffer. If you’re known for being the target of a big attack, that will affect your branding and cascade into other things.
Today, when texts are becoming favored platforms, we have even less technology to help us. With email, we have technologies filtering at the server and endpoint level. But with text, there aren’t a lot of technologies right now to process the text and send an alert. A bad guy’s success rate will go much higher than with email, and bad guys are always looking for the path of least resistance.
Right now, fewer than 20 companies are working on text protection, as opposed to over 500 companies providing email solutions. We don’t have a good answer for this yet. We are looking for innovation.
In the meantime, we have easy ways to at least mitigate things. If we implement zero trust, go to the fundamentals of DNS checks, and do different things at the ISP level, we will be able to significantly reduce the number of people being affected.
The consensus among CISOs that I’ve spoken to is that we’re heading for very, very difficult times. We need to shift from a reactive posture to looking for things that can help us.