Splunk: AI isn't making spear phishing more effective

Despite increased concerns, AI tools won't give adversaries an advantage when it comes to sending effective phishing emails, according to new research by Splunk's Surge security research team.
In a blog post Thursday, Tamara Chacon, security strategist at Splunk, shared the results of a study that tested AI's ability to create or translate spear phishing emails into English.
The research compared the efficacy of human-generated phishing emails with AI-generated phishing emails, as well as AI-translated and legacy online-translated phishing content.
Surge used three of the most popular generative AI translation services and two of the most popular legacy AI translation tools.
For the human-generated side, four security professionals wrote emails in their native languages and Surge had them translated into English.
Researchers chose to use Russian, Korean, Chinese and Farsi, the languages of the Five Eyes primary adversaries.
For the research, Surge referred to the AI tools as Gen-AI 1, Gen-AI 2, and Gen-AI 3 and the two legacy online translation tools as Legacy Translator 1 and Legacy Translator 2.
Surveyed participants included 100 Splunk employees.
The results showed enterprises should be less concerned with AI and continue to focus on social engineering awareness to defend against phishing attacks.
Efficacy of the phishing emails was the same whether written by AI, legacy AI or a human.
During the research, Surge observed that some generative AI models were more effective for translating certain languages compared with others.
In the blog post, Chacon highlighted how Gen-AI 1 wrote the Farsi language from left to right, instead of right to left as intended.
Successful social engineering campaigns that leverage phishing emails have been on the rise.
Okta suffered a social engineering campaign earlier this year that led to significant fallout, particularly for Las Vegas-based MGM Resorts.
Splunk recently published The CISO Report that showed one of CISO's top concerns was that AI would lead to more efficient social engineering attacks.
While phishing attacks have been successful without AI tools, Ryan Kovar, distinguished security strategist at Splunk, said he observed increased concerns in the space.
The research proved enterprises should not prioritize that particular security concern at the moment.
On the other hand, he said, employees haven't gotten better at identifying phishing emails and all it takes is one person to click a malicious link.
Next, Surge will expand the sample size across different verticals, as well as examine the efficacy of speed that AI tools might add to spear phishing attacks.
Arielle Waldman is a Boston-based reporter covering enterprise security news.


This Cyber News was published on www.techtarget.com. Publication date: Thu, 14 Dec 2023 15:13:08 +0000


Cyber News related to Splunk: AI isn't making spear phishing more effective