Cybercriminals are increasingly employing advanced AI technologies to enhance their operations, with a notable rise in activities linked to North Korean groups. According to Sherrod DeGrippo, Microsoft’s General Manager of Global Threat Intelligence, these developments were discussed in a recent interview with The Register.
DeGrippo pointed out that AI tools, referred to as “interview AI agents,” allow malicious actors to delegate essential tasks in preparation for cyberattacks, such as conducting reconnaissance and managing necessary infrastructure. She emphasized that while these tasks may appear less dramatic than direct hacking, they are crucial to the effectiveness of modern cybercrime.
In a blog post published on Friday, Microsoft detailed how these technologies enable criminals to execute attacks that are more sophisticated and larger in scale. The report highlighted the activities of North Korean threat groups, such as one identified as Coral Sleet, which utilize development platforms for rapid infrastructure deployment. This method facilitates quick staging, testing, and command-and-control operations for their campaigns.
DeGrippo also noted the dual approach of cybercriminals in utilizing both compromised legitimate infrastructure and creating their own systems for support. This trend showcases the evolving landscape of cyber threats as AI continues to play a significant role.