Cyber Signals: Navigating cyberthreats and strengthening defenses in the era of AI

Today we released the sixth edition Cyber Signals, spotlighting how we are protecting artificial intelligence (AI) platforms from attempted abuse by nation-state threat actors.

In collaboration with OpenAI, we are sharing insights on state-affiliated threat actors tracked by Microsoft as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, Salmon Typhoon who have sought to use large language models (LLMs) to augment their ongoing attack operations. This important research exposes incremental early moves we observe these well-known threat actors taking around AI, and notes how we blocked their activity to protect AI platforms and users. At the same time, Microsoft is helping the wider security community to understand and detect the emerging prospects of LLMs in attack activity. We are recommending the inclusion of what we discovered in the MITRE ATT&CK® framework, to help security operations teams everywhere anticipate and recognize AI–assisted cyber threats.

This edition of Cyber Signals also shares insights into how we use AI to protect Microsoft and how threats actors are using AI to refine their attacks.

Cybercriminals and state-sponsored actors are harnessing AI to develop more sophisticated attack strategies, including the automation of attacks and the creation of convincing deepfakes for phishing campaigns and voice synthesis where a three-second voice sample can train a model to sound like anyone.

Microsoft uses several methods to protect itself from these types of cyberthreats, including AI-enabled threat detection to spot changes in how resources or traffic on the network are used; behavioral analytics to detect risky sign-ins and anomalous behavior; machine learning (ML) models to detect risky sign-ins and malware; Zero Trust, where every access request has to be fully authenticated, authorized, and encrypted; and device health to be verified before a device can connect to the corporate network.

AI’s role in cybersecurity is multifaceted, driving innovation and efficiency across various domains. From enhancing threat detection to streamlining incident response, AI’s capabilities are reshaping cybersecurity. The use of LLMs in cybersecurity is a testament to AI’s potential. These models, when used for good, can analyze vast amounts of data to uncover patterns and trends in cyber threats, adding valuable context to threat intelligence. They assist in technical tasks such as reverse engineering and malware analysis, providing a new layer of defense against cyberattacks.

Today’s organizations must build a secure foundation for working with AI and adopt AI-driven cybersecurity solutions that can adapt to evolving threats, detect anomalies in real-time, and respond swiftly to neutralize risks.

Microsoft’s approach to AI in cybersecurity is proactive and exploratory. We are delving into how AI can enhance our existing security measures, such as identifying patterns in large datasets and creating realistic simulations. We are also investigating innovative applications of AI, like using generative AI to develop secure code and employing machine learning to detect and respond to threats instantaneously.

Users of Microsoft Security Copilot have shown a 44% increase in accuracy across all tasks and a 26% faster completion rate. These figures highlight the tangible benefits of integrating AI into cybersecurity practices.

As we secure the future of AI, we must acknowledge the dual nature of technology: it brings new capabilities as well as new risks. AI is not just a tool but a paradigm shift in cybersecurity. It empowers us to defend against sophisticated cyber threats and adapt to the dynamic threat landscape. By embracing AI, we can ensure a secure future for everyone.

Related Posts

KPMG Schweiz gewinnt den Schweizer Microsoft Country Partner of the Year Award 2024

KPMG Schweiz ist für seinen wegweisenden Einsatz von künstlicher Intelligenz (KI) in der Dienstleistungsbranche ausgezeichnet worden und hat den renommierten Partner of the Year Award für seine innovative Partnerschaft mit Microsoft erhalten. Dank dieser Zusammenarbeit konnte KMPG seine Dienstleistungen mithilfe modernster KI-Technologie, darunter Azure OpenAI und Copilot für Microsoft 365, entscheidend ausbauen.

KPMG Suisse gagne le Swiss Microsoft Country Partner of the Year Award 2024

KPMG Suisse a été récompensé pour son utilisation pionnière de l’intelligence artificielle (IA) dans les services professionnels, en recevant le prestigieux prix « Partner of the Year » pour son partenariat innovant avec Microsoft. Cette collaboration a été essentielle dans l’engagement de KPMG à améliorer ses services avec des technologies d’IA de pointe, y compris Azure OpenAI et Copilot pour Microsoft 365.

KPMG Switzerland wins the Swiss Microsoft Country Partner of the Year Award 2024

KPMG Switzerland has been recognized for its trailblazing use of artificial intelligence (AI) in professional services, receiving the prestigious Partner of the Year Award for its innovative partnership with Microsoft. This collaboration has been instrumental in KPMG’s commitment to enhancing its services with state-of-the-art AI technologies, including Azure OpenAI and Copilot for Microsoft 365.

How to unlock new experiences on your Copilot+ PC

Copilot+ PCs are our fastest, most intelligent Windows PCs ever and are available for pre-order today and generally available beginning on June 18th. Today, we’re excited to share more information about our new advanced AI experiences that enable you to do things you can’t on any other PC, helping you be more productive, creative and communicate more effectively. These experiences are only available on new Copilot+ PCs.

Neue Anwendungen auf Copilot+ PC

Copilot+ PCs sind unsere schnellsten und intelligentesten Windows PCs. Sie können ab heute vorbestellt werden und sind ab dem 18. Juni im Handel verfügbar. Wir freuen uns, Ihnen heute Neuigkeiten zu fortschrittlichen KI-Anwendungen mitzuteilen, die so noch auf keinem anderen PC möglich und nur auf den neuen Copilot+ PCs verfügbar sind. Die Anwendungen werden Ihnen helfen, produktiver und kreativer zu sein und effektiver zu kommunizieren.