Future of malware – December 2022


“The future of malware” is a trigger for most of us in computer security. Most cyber professionals have an idea of what they think malware looks like in the next few years, but truly few of us write about it or document it in a formal way. In 2013, I presented on the “future of malware”. My predictions at the time were that initial attack vectors would pivot strongly away from IP-based network attacks and towards (1) social engineering, (2) insider threats, and (3) overprivileged systems. At the time, application sandboxing was somewhat in its infancy (especially phone-based applications), and phishing was gaining speed. Stuxnet was at the time a recent exploitation that was still being discussed in the industry.

Since then, Target was attacked through an overprivileged thermostat — it was a control unit that was on the same layer of protected network as the rest of the enterprise and credit card machines. Then along came SolarWinds, where the attackers compromised service delivery of an application that was then distributed by the vendor to their clients.


Malware AI

Asking ChatGPT “The future of malware”

Without much further ado, I’d like to present an interview with ChatGPT, and discover what an artificial intelligence makes of the future of malware.


ChatGPT was asked to write a 1000 word essay on the future of malware. This is the result. I’ve added notes to each paragraph. ChatGPT content is italicized.


Malware, short for “malicious software,” is a term used to describe any software that is designed to harm or exploit computer systems. It has been a significant threat to individuals and organizations for many years, and it is likely that it will continue to pose a threat in the future.

This is an accurate description to the question “what is malware?”, and the status of malware in the industry. Kudos ChatGPT.

One trend that is likely to continue is the increasing use of malware as a tool for cybercrime, such as ransomware attacks that hold data hostage until a ransom is paid. These attacks can be especially damaging to businesses, as they can disrupt operations and lead to lost productivity and revenue. In recent years, there has been a rise in the use of ransomware as a tool for extortion, and it is likely that this trend will continue in the future.

Types of malware come in many forms. My own opinion of this is that the trend is likely to pivot to data exfiltration and blackmail based on content (compromising the Confidentiality of data while leaving the data itself largely intact and Available) rather than the current lock and hold for ransom (Availability disruption). My basis for this argument is that more companies are using endpoint protection, “thinner” clients, and vendor-segmented SaaS solutions where encryption of large scales of data will be difficult. That said, this is a professional opinion, and I wouldn’t say ChatGPT is “wrong”. Kudos ChatGPT.

Another trend that is likely to continue is the increasing sophistication of malware. As security measures and technologies evolve, malware will also continue to evolve to become more sophisticated and harder to detect and remove. This could include the use of machine learning algorithms to evade detection and the development of “zero-day” vulnerabilities, which are security vulnerabilities that are unknown to the vendor and can be exploited by attackers before a patch is available.

Well, on this one there are a lot of fancy words being used like “sophistication of malware”, “evolve”, and “zero day”, all of which many of us in cyber war have written about. I’m going to say this paragraph is more fluff than fodder. No bonus points ChatGPT.

One potential future development in the field of malware is the use of artificial intelligence (AI) and machine learning algorithms by both attackers and defenders. On the one hand, AI and machine learning could be used by attackers to more effectively evade detection and launch more sophisticated attacks. On the other hand, AI and machine learning could also be used by defenders to more effectively identify and respond to malware attacks.

Agreed, and it is of benefit that artificial intelligence is being mentioned. To note, my thesis is in Artificial Intelligence, and I likely would not have mentioned AI in attack and exploitation. While this paragraph doesn’t present many details, it does bring up the subject. So… Kudos to ChatGPT for mentioning it.

Another potential future development is the increasing use of malware in the Internet of Things (IoT). As more and more devices are connected to the internet, they become potential targets for malware attacks. This could include attacks on smart home devices, industrial control systems, and other connected devices. Protecting against these types of attacks will require new approaches and technologies.

Agreed, yes, absolutely. The security perimeter becomes the node or system itself, instead of some artificial boundary between “enterprise” and “Internet”. Up until 2010 or so, breaking the perimeter usually meant bypassing the firewalls protecting the Internet border. That border is now already broken, because IoT (such as that thermostat at Target, or even SolarWinds if it is considered an appliance) is already in the building. Kudos ChatGPT.

To protect against future threats, it is important for individuals and organizations to implement strong security measures, such as keeping software and security systems up to date, using antivirus and firewall software, and being cautious when opening emails or downloading files from the internet. It is also important to regularly back up important data to prevent loss in the event of a successful malware attack.

Hmm. This paragraph on malware protection really seems to fall short. Anti-malware software only helps once signatures have been developed. Patching systems, using antivirus, check, agreed. However, earlier ChatGPT mentioned zero days, and of course zero days have no patch. I think ChatGPT should have tied these two concepts together. Good ideas ChatGPT, but there is something missing.

In addition, it will be important for individuals and organizations to stay informed about new threats and developments in the field of malware. This could include staying up to date on security patches and updates, participating in security awareness training, and staying informed about the latest trends and techniques used by attackers.

There is a quote from the Cold War that I’m going to paraphrase for cyber warfare. “In order to beat an attack, you have to think like an attacker.” Defenders will never win until they become the attacker. My recommendation is to regularly rotate the Defender staff out to Attacker mode, let them learn the Attack and Exploitation game, then come back and Defend for a while while the next group rotates out. A defender will never win until they think like the attacker, and even then, the defender cannot “win”, they can only thwart an attack that is underway. As soon as the Attacker recognizes the Defender has caught on, the Attacker then pivots to a new Attack vector. So… with regard to “staying informed”, I’d say that is implemented as, let the Defender put the Attack hat on from time to time. Kudos to ChatGPT.

In conclusion, the future of malware is likely to be marked by increased sophistication and the use of new technologies, such as AI and machine learning. Protecting against these threats will require strong security measures and a proactive approach to staying informed about new developments in the field. By taking these precautions, individuals and organizations can help protect themselves against the ever-evolving threat of malware.

Great conclusion. Kudos ChatGPT.

Let’s take a look at this!

Overall assessment

ChatGPT as of 2022 provides some clever ideas and insights, and puts together a reasonable basic essay. There doesn’t seem to be much depth, and ChatGPT doesn’t bridge ideas together. There are what I call “flower words and phrases”, such as “increased sophistication” and “new technologies” without explaining why. Diving into this, every year the technology world experiences “increased sophistication” and “new technologies” — so the words and phrases really don’t do much to increase the sophistication of the essay, or to help the reader understand why these statements are being made.

For basic layout, the chatbot does a decent job at assembling a basic non-sophisticated essay. For this example in discovering the future of malware, the bot did a basic 101 level essay on the topic, but not much more.

Chess automata

Concluding remarks

Chess computers have been theorized for a hundred years. The Cray Blitz in the 1980s was the first chess automaton to register as a chess master. Twenty years later in 2006, the world champion Vladimir Kramnik was defeated by Deep Fritz in a 4-2 match. No human has topped a chess computer since.

In the same way, ChatGPT is in its infancy. This is just the beginning. Today, ChatGPT is demonstrating basic and very good writing techniques.

That all said, this is the beginning of ChatGPT and automata writing engines. Give the bot a few months or a few years, and I’d expect the sophistication of the bot to be on a competitive level to human writers. My prediction is that ChatGPT and automata writing engines will be used for “basic framework”, then more advanced human writers will add to the basic text that is generated — very similar to what I myself did in the earlier section. Let ChatGPT and automata do what they are good at (not much different than having an entry level lawyer write the beginning of the contract), then have a more advanced human take over to edit and include details that may have been overlooked by the automata.

So tell me, what are your thoughts? Where is this technology likely to wind up in the next few years?
