DeepSec 2023 Talk: Skynet wants your Passwords! The Role of AI in Automating Social Engineering – Alexander Hurbean & Wolfgang Ettlinger
We techies love solving problems with cool technology, to where we attempt to implement the economy in code. Although important in general, we know that, for example, blockchain, cryptography, and Secure Software Development Life Cycle (SSDLC) are irrelevant when the user enters their credentials on a phishing site. From an attacker’s point of view, though, we see that modern technologies such as artificial intelligence are immensely beneficial to attack one of the weakest links in security – humans. We will explore how modern technologies, for instance DeepFakes, Deep Neural Networks (DNNs), and Transformers, can be misused by bad actors. We will explore some interesting ideas for attacks, discuss their practical feasibility and show implementations of some of these attacks. We will also look at approaches to detect and defend against AI-powered attacks. We asked