Artificial intelligence (AI) is fueling a new dimension in hacking, and it’s not just about software anymore. According to Bugcrowd’s 2024 Inside the Mind of a Hacker report, 77% of hackers are using AI with traditional hacking techniques, including the rising threat of AI-assisted hardware hacking. This shift is largely due to the increasing availability of cheaply made, vulnerable devices.
The Three Ts of AI: Tool, Target, and Threat
The growth of AI has drastically sped up attacks such as phishing campaigns while defenders benefit from more accurate, real-time intrusion detection.“At Bugcrowd, we frame this as the three Ts of AI: AI as a tool, a target, and a threat,” the report notes.
The appeal of AI to hackers as a tool is undeniable as 71% now say AI increases the value of their work, and for good reason: it makes hacking faster and more accessible. Techniques like fault injection, which from the inherent complexity of the timing structure could not have easily been implemented, can now be assisted by AI algorithms. AI also enables attackers to automate and parallelize breaches across multiple devices, making large-scale attacks easier.
With 83% of hardware hackers expressing confidence in exploiting AI-powered systems, AI systems are also attractive targets. Many models have access to sensitive data, and inadequate safeguards can leave them vulnerable to prompt injection attacks. One hacker even reported achieving remote code execution through an AI chatbot, exposing a major security flaw.
Moreover, AI itself poses a threat, both inadvertently and through manipulation. Hidden biases within AI algorithms can cause unintended harm, while malicious actors can poison AI model training data to produce erroneous outputs. The dangers presented by AI are changing so rapidly that 82% of hackers think that adequate countermeasures are behind current trends.
Bugcrowd’s CEO, Dave Gerry, states, “There is no denying that AI remains a strong force within the hacking community, changing the very strategies hackers are using to find and report vulnerabilities.”
AI as a Game-Changer in Hardware Hacking
Safe to say, hardware hacking is no longer a niche field as 81% of hardware hackers reportedly discovered new vulnerabilities in the past year, often exploiting weaknesses in smart devices used in homes and even medical settings.
With side-channel attacks and firmware manipulation becoming more common, the consequences of hardware hacking could be devastating—from altering domestic heating systems to compromising life-saving medical equipment.
As more and more devices become connected, the risk of widespread compromises heightens. Consequently, it is prudent for businesses to incorporate security into their design processes.
“Speaking with the companies developing hardware devices, I find that often, they don’t understand unless someone can handhold them through the process,” says Brandon Reynolds, a security expert quoted in the report.
The integration of AI into hacking practices and the rise of hardware hacking represent significant challenges for cybersecurity. As hackers continue to innovate, leveraging AI to enhance their capabilities, the need for robust, adaptive defenses has never been greater. Organizations must stay vigilant, continuously updating their security measures to protect against these sophisticated threats.