AI in Social Engineering-the Next Generation of Offensive Cyber Operations

Abstract

Few can argue that Social Engineering is the most effective way to gain access to a system. From an offensive cyber perspective, Social Engineering reduces the need to identify a new vulnerability within a system to gain access by praying on psychological factors like emotion and fear. Social engineering has an effective rate of ranges between 80% and 90%. When AI is added to the picture, the likelihood of a successful social engineering scheme increases because AI can add a layer of realism and personalization that gets past a person’s barriers. When AI-influenced social engineering attacks are added to an offensive cyber operation, the attack surface grows increasingly more significant. The larger the attack surface, the higher the likelihood of a successful cyber operation. These targets can attack governmental agencies, the military, critical infrastructure, the healthcare system, and more. Understanding how AI in Social Engineering is impacting Offensive Cyber Operations is important. This case study looks at how AI is impacting Social Engineering and how AI influenced Social Engineering is being used by Nation State Threat Actors in Offensive Cyber Operations. The U.S. Department of Defence