Eugene Kaspersky Warns of AI-Driven Cybercrime: Rethink Security

Singapore, Apr 28 (PTI) Cybersecurity veteran Eugene Kaspersky has sounded a stark warning saying cybercriminals are leveraging artificial intelligence (AI) at a pace that is outstripping the ability of defenders to keep up, calling for a fundamental rethink of digital security strategies.

Kaspersky, founder of the global cybersecurity firm that bears his name, said cybercriminals are not only leveraging AI to automate attacks but are also outpacing defenders through unprecedented collaboration and agility.

"AI is in the hands of the bad guys. And the reality is that they use it more and more," he said, noting that deepfakes and AI-powered social engineering are now so advanced that "if someone calls you, don't trust anyone."

Kaspersky, in an interview to PTI, stressed that the digital battlefield is evolving rapidly, with attackers collaborating and innovating at an unprecedented speed.

He described the current era as the "age of cyber sabotage," where attacks on physical and digital infrastructure are not just theoretical but an everyday reality.

"It's not the future, it's reality," he said, noting that cyber sabotage and terrorism now routinely paralyse or destroy critical systems, even if such incidents rarely make headlines.

Kaspersky emphasised that the increasing geopolitical divisions have led to a fragmented cyberspace, severely hampering international cooperation against cybercrime.

"There are no borders in cyberspace. So, unfortunately, the bad guys feel very free to attack any victim, everywhere … There is no more cooperation between many countries. Unfortunately, that's reality," he said.

Kaspersky painted a nuanced picture about the coming together of AI and cybersecurity.

AI is increasingly leveraged by both cybercriminals and defenders. Professional hackers use AI to develop sophisticated malicious code and customise attacks, raising the stakes for cybersecurity teams. He also highlighted emerging concerns about AI manipulation, such as feeding corrupted data to AI systems to alter their behaviour -- a topic currently under active research at Kaspersky Labs.

However, Kaspersky also pointed out that AI is a double-edged sword.

"At the same time -- the cybersecurity companies -- they use AI to protect the customers," he said, describing how AI is being deployed to detect anomalies, analyse malicious code, and defend complex networks. The challenge, he argued, is to stay ahead of adversaries who are constantly adapting.

Defenders must embrace new paradigms, prioritise resilience by design, and prepare for a future where AI-driven attacks are the norm rather than the exception.

Kaspersky stressed the growing importance of securing supply chains, which are increasingly exploited by attackers as entry points.

Sharing threat intelligence and enforcing cybersecurity standards across supply chain partners are critical strategies, he noted.

A supply chain attack happens when hackers target a company by first breaking into one of its trusted suppliers or service providers. They use this trusted connection to sneak into the company's systems or spread malware, instead of attacking the company directly.

In response to the rapidly evolving threat landscape, Kaspersky advocated for a shift from traditional security models to what he calls "cyber immune systems."

Unlike conventional defences that try to detect and block known threats, cyber immunity is about designing systems that can inherently prevent and contain abnormal behaviour, regardless of whether a threat is known or unknown.

"Cyber immune systems are designed to stop any wrong behaviour. So, if we see the new malware, it doesn't matter. Is it polymorphic or not? Is it sleeping or active? Doesn't matter. If we see that a behaviour is changed, that (particular) component of the system will be stopped," Kaspersky explained.

He underscored the urgency of this approach for the Internet of Things (IoT), where the proliferation of diverse and often insecure devices presents unique challenges.