Across GenAI Today, we have written many articles that discuss the different ways GenAI is assisting various industries; whether it's done by automating tasks, personalizing experiences, and accelerating innovation.
In marketing, AI generates personalized content, product recommendations and targeted ad campaigns.
In healthcare, AI analyzes medical images for early disease detection, assists in drug discovery and generates personalized treatment plans.
In finance, AI automates tasks like fraud detection, generates personalized investment recommendations and analyzes market data to identify investment opportunities.
And in manufacturing, AI optimizes product design and production processes. (We also cannot forget that AI is used in fields like education, entertainment and customer service to enhance efficiency, creativity and overall user experience.)
With that said, there are those out there who use GenAI in malicious ways.
In fact, HP's latest Threat Insights Report shows how cybercriminals are using GenAI to write malicious code. The report analyzes real-world cyberattacks to help organizations stay informed about the latest techniques. Notable campaigns include the use of GenAI to create convincing phishing lures and the embedding of malicious code in SVG images.
One campaign identified involved a sophisticated malvertising campaign that led to rogue PDF tools. These tools, designed to appear legitimate, contained malicious code that allowed attackers to take over victims' browsers.
Additionally, the report found that cybercriminals are increasingly using SVG images to hide malware, as these images are often automatically opened in browsers.
Among the vectors, email threats remain the primary vector, with 12% bypassing email gateway scanners. Archives, particularly ZIP files, are the most common malware delivery type. These findings underscore the importance of robust security measures and ongoing vigilance against evolving threats.
The findings are based on data from millions of endpoints running HP Wolf Security.
“Typically, attackers like to obscure their intentions to avoid revealing their methods, so this behavior indicates an AI assistant was used to help write their code,” said Patrick Schläpfer, Principal Threat Researcher in the HP Security Lab. “Such capabilities further lower the barrier to entry for threat actors, allowing novices without coding skills to write scripts, develop infection chains and launch more damaging attacks.”
HP Wolf Security's unique approach allows it to isolate threats that have evaded traditional detection tools.
Basically, HP Wolf Security isolates risky tasks in virtual machines to protect users without affecting their productivity. It captures detailed traces of attempted infections and provides unique insights into threat actor behavior. This technology mitigates threats that can bypass other security tools.
Despite exposing customers to billions of potential threats, HP Wolf Security has not reported a single breach.
“Businesses must build resilience, closing off as many common attack routes possible,” said Dr. Ian Pratt, Global Head of Security for Personal Systems at HP Inc. “Adopting a defense-in-depth strategy — including isolating high-risk activities like opening email attachments or web downloads — helps to minimize the attack surface and neutralize the risk of infection.”
By understanding how GenAI is used to create more sophisticated and deceptive attacks, organizations can better prepare and protect themselves against these threats.
Be part of the discussion about the latest trends and developments in the Generative AI space at Generative AI Expo, taking place February 11-13, 2025 in Fort Lauderdale, Florida. Generative AI Expo covers the evolution of GenAI and will feature conversations focused on the potential for GenAI across industries and how the technology is already being used to create new opportunities for businesses to improve operations, enhance customer experiences, and create new growth opportunities.
Edited by
Alex Passett
