Artificial intelligence (AI) has long been the basis of cybersecurity. From malware detection to network traffic analysis, predictive machine learning models and other narrow AI applications have been used in cybersecurity for decades. As you approach artificial general information (AGI), the more powerful the possibility that AI can automate defenses and fix vulnerabilities.
However, to take advantage of such benefits, we need to understand and mitigate the risks of increasingly sophisticated AI being misused to enable or enhance cyberattacks. A new framework for assessing new offensive cyber capabilities in AI can help you do this accurately. This is the most comprehensive assessment of its kind to date. It covers every stage of the cyberattack chain, deals with a wide range of threat types, and is based on real data.
Our framework allows cybersecurity experts to identify which defenses are needed and how to prioritize malicious actors before exploiting AI to carry out sophisticated cyber attacks.
Building a comprehensive benchmark
The updated Frontier Safety Framework recognizes that advanced AI models can automate and accelerate cyberattacks and reduce attacker costs. This creates the risk of attacks being carried out at a larger scale.
Adapted to the new threats of AI-powered cyberattacks, we have adapted proven cybersecurity assessment frameworks such as Miter ATT & CK. These frameworks allowed us to assess threats across the end-to-end cyberattack chain, from reconnaissance to targeted actions, and across a range of possible attack scenarios. However, these established frameworks are not designed to consider attackers who use AI to violate the system. Our approach closes this gap by enabling fully automated cyberattacks, and actively identifying where AI can make attacks faster, cheaper or easier.
We analyzed over 12,000 real-world attempts to use AI in cyberattacks in 20 countries and used data from Google’s Threat Intelligence Group. This allowed us to identify general patterns of how these attacks unfold. From these, we curated a list of seven typical attack categories, including phishing, malware, and denial of service attacks, identifying key bottleneck stages along the cyberattack chain where AI can significantly destroy the traditional costs of attacks. By focusing your assessment on these bottlenecks, defenders can more effectively prioritize security resources.
Finally, we created an offensive cyberfunction benchmark to comprehensively assess the pros and cons of cybersecurity of the Frontier AI model. Our benchmark consists of 50 challenges covering the entire attack chain, including areas such as intelligence collection, vulnerability exploitation, and malware development. Our aim is to develop targeted mitigation for defenders and provide the ability to simulate AI-powered attacks as part of a red teaming exercise.
Insights from early evaluations
Initial evaluations using this benchmark alone suggest that current AI models are unlikely to allow for groundbreaking features of threat actors. However, as Frontier AI becomes more advanced, the types of possible cyberattacks will evolve and continual improvements in defence strategies will be required.
We also found that existing AI cybersecurity assessments often overlook key aspects of cyberattacks, such as hiding their existence and maintaining long-term access to compromised systems, and attackers hiding their existence. But that domain is precisely when an AI-driven approach is particularly effective. Our framework sheds light on this issue by discussing how AI lowers barriers to success in these parts of the attack.
Empower the cybersecurity community
As AI systems continue to expand, the ability to automate and enhance cybersecurity could transform the way defenders predict and respond to threats.
Our cybersecurity assessment framework is designed to support the shift by providing a clear perspective on how AI is misused and when existing cyber protections may be lacking. By highlighting these emerging risks, this framework and benchmarks will help cybersecurity teams to strengthen their defenses and stay ahead of the rapidly evolving threats.
