AI Brute Force: A New Era of Cybersecurity Threats

Bangkok: You may be familiar with the term "AI," or artificial intelligence, which has helped facilitate daily life. However, on the other hand, AI has also become a formidable weapon in the hands of hackers. When combined with cyberattack techniques known as "Brute Force," it becomes AI Brute Force, a new form of threat that makes system breaches and password guessing more sophisticated, faster, and dangerous than in the past.

According to Thai News Agency, the "Verify Before Sharing" center verified the information with Air Vice Marshal Amorn Chomchey, Secretary-General of the National Cyber Security Committee, who highlighted the growing concern over AI Brute Force attacks. These attacks involve using AI to rapidly breach security systems by intelligently gathering and analyzing data about victims to guess their passwords with alarming accuracy.

Brute force password hacking typically involves repeatedly guessing passwords, similar to randomly generating four-digit numbers to unlock a mobile phone, ranging from 0000 to 9999. Historically, this method had a relatively low chance of success due to its reliance solely on random guessing. But with the help of AI, the Brute Force technique has changed completely. AI is no longer just randomly generating numbers; it's trained to be "intelligent" in gathering and analyzing data about the victim before launching an attack.

AI Brute Force works through a systematic approach. Firstly, it retrieves personal information from victims' social media accounts, such as date of birth, workplace, pet's name, or the names of close contacts. This data is then analyzed to generate a password set likely used by the victim. The AI then employs targeted random guessing from this dataset, significantly increasing the chances of success compared to traditional brute force methods.

A prime example of this advancement is Antropic's Mythos project, which has learned various attack patterns, enabling it to identify vulnerabilities that humans might overlook and develop tools for hacking data.

As these attacks become more sophisticated, experts recommend implementing strict defensive measures. Limiting the number of login attempts is crucial-temporarily locking accounts after a specified number of incorrect password entries prevents AI from making unlimited guesses. Setting strong, hard-to-guess passwords that avoid personal information is essential. Additionally, enabling multi-factor authentication (2FA/MFA) adds an extra layer of security, requiring methods like OTP codes or fingerprint scanning alongside passwords.

AI brute force attacks represent a new challenge in the cyber age. Being aware and adjusting security settings is the best defense against these threats, keeping your personal data safe.