Los principales ataques a la IA y cómo puede prevenirlos el ITDR

Hello. This is Michael Novinson with Information Security Media Group. We’re going to be discussing Top AI Attacks and How ITDR Can Prevent Them. We’ll be exploring this with Alex Weinert. He is the Chief Product Officer at Semperis. While AI can significantly improve your organization’s workflow, it can also introduce new threats in the wrong hands. In today’s webinar, we’ll discuss how AI is enabling attackers at increased rates and efficiency, putting your core business systems at risk. We’ll discuss effective identity threat detection and response strategies that can help reduce these attack impacts. We’ll discuss the top ways AI is enabling attackers, how an effective ITDR strategy can help reduce attack impacts, as well as how to uncomplicate the task of securing your business systems in the face of AI. A little bit of information about us here at Information Security Media Group. We started 19 years ago back in 2006 as a single property covering the banking and financial services industry. Since that time, we’ve expanded and today encompass 38 global media sites. This includes topic-based coverage in areas like banking and financial services, healthcare, and government, coverage around data breaches and information risk. And more recently, we’ve branched out to cover artificial intelligence, the Chief Information Officer community, and operational technology. We host summits all around the world in roundtables as well as the webinar you’re listening to today. If you do need any technical support during today’s webinar, please reach out to webinars@ismg.io. Today’s webinar is being brought to you by Semperis, a cybersecurity leader and an active directory expert. They know that identity-first security is the key to operational resilience. For more than 90 percent of today’s enterprise organizations, if Active Directory isn’t secure, nothing is. Many of the world’s leading businesses trust Semperis to help them protect Active Directory and Entra ID from escalating cyber threats. Nothing is off limits to today’s cyber attackers, including emergency services, hospitals and healthcare providers, schools, and financial institutions. Whether your business is building businesses, saving lives, or serving citizens, Semperis helps people operate with confidence by protecting their critical identity infrastructure. Our subject matter expert for today’s webinar is Alex Weinert, Chief Product Officer. Most recently, he was Vice President of Identity Security at Microsoft. He led the team that delivered core defense technologies that form the cornerstone of Microsoft’s Zero Trust offerings, Entra ID Protection, Entra Conditional Access, multifactor authentication, and the Microsoft Authenticator app, as well as a host of enterprise and consumer account defense systems. Prior to his current role, Alex previously served in a variety of engineering and product management roles on products such as MSN, Visual Studio, Xbox, and identity related products like Active Directory and Forefront Identity Manager (FIM). Outside of work, Alex is passionate about interacting with various humans, making stuff, sailing, and music. Alex, it’s a pleasure to have you with us today. Hey. Thank you, Michael. I really appreciate the intro. Appreciate you. You’re very welcome. So let me start you off with a big picture question here, and that is what are today’s top AI powered attacks? Well, I think that the main thing that we think about in modern AI is generative AI and its ability to emulate humans and synthesize content pretty rapidly. And so I think that yields one class of attack, which is that you can spearfish at a level that we’ve never seen before. The accuracy, for example, if somebody gets hold of one mailbox, they can very quickly have generative AI synthesize spear phishing email that looks exactly like it comes from the right organization. It is formatted correctly. It has topics that make sense. You know? So you’re literally talking about getting an email from your boss that says, “Hey. Review this document now.” But the document payload can be malware. Right? So it’s really, really hard to discern. It’s already very hard for humans to discern attacks. I think with generative AI, we can see that going to basically non-discernible. And so that’s one class that I think people are thinking about. And what that means is that if you have any vectors into your state in terms of core systems for administration, including your directory systems, your identity systems, then the likelihood of those accounts standing up to a phishing attack is very, very low. So it means we have to kinda double down on making sure that we have least standing access. It also means we need to double down on making sure that the credentials that we’re using are nonphishable. So using things like passkeys instead of passwords, or even password plus telephone. But the other major attack that’s really interesting is that we’re in a place where discovery is much, much easier. And in some ways, it’s like, hey, this is what we paid for. We want generative AI tools to help us go through and be able to ask a question. So if you think about 20 years ago, you had all these files around in your environment. And the only way you could find them is you knew they were there. Right? There was no search. There was no indexing. It’s just very, very hard to find content. Even today, often, it’s hard to find the content you’re looking for. Because with indexed search—which is kind of the next generation—with indexed search, you can sort of say, well, I’m looking for documents about this topic, but if those exact words weren’t used or if that exact author wasn’t in the title or whatever, you might not get the hit. And, the currency of the document might be in question—or is it really related? With generative AI, we can start to ask questions like, “Summarize all current cyber threats in my environment per documents written in the last six months.” That’s a very scary query for somebody who will issue into an environment that’s been indexed with generative. And so the impetus is on us to make sure that environment is truly secure, that we understand the attack paths, that we’ve cut off the vectors that people can use, is higher. Because it’s always been true that if any one account falls, then that’s a jumping off point that an attacker can use to conquer an environment. But in the world of generative AI, acquiring that account using spear phishing is easier than ever. And then the speed with which you can utilize that account, if you’re using generative AI search tools, is also very, very high. So it just increases the burden to some extent. The good news is we can use generative AI as well to help address those problems. Very interesting. And I want to get a sense from you of what impact do they have as compared to traditional attacks? Well so I think the before and after is useful to think about. So once upon a time, we had passwords, and I spent a fair amount of my career trying to convince people to use MFA or to use passkeys, to use really strong MFA. And in a world where people have used MFA, the attacker’s burden is now to trick you into performing that MFA task to give them access. Right? And very often, the way that you do that is with phishing. So I’m going to try to convince you to interact with me. And the trick to that is with conventional phishing, I might say something like hey, we’re doing aprize handout. Come click this link. And then I trick you into giving away the password. Now with MFA, the password isn’t sufficient for repeated sessions, so I have to trick you into doing an Adversary-in-the-Middle phishing attack. And the burden on the attacker goes up higher. And the opportunities for the person who’s being attacked are better for them to detect that attack and to resist it. We have things like the frame around your browser that warn you that you’re going to the wrong site, that sort of thing. We get more opportunities in those situations to resist attacks. But it boils down to the question of can you convince the person that you’re interacting with to do the thing that they’ve been trained not to do? Like, you’ve been trained not to put your credentials into a strange website. You’ve been trained not to click on links from emails from senders you don’t recognize. In the world of generative, I can synthesize an email that is in fact indiscernible. It will look exactly like the mail you’re expecting to get from your boss or your colleague. And so that becomes a burden where we can’t really expect a user to be able to resist a phishing attack. The only real answer in that world is phishing-resistant credentials, things like passkeys or FIDO2. So that’s kind of the big elevation in terms of conquering accounts. And then the second big elevation is the one I mentioned, which is where the ability of an attacker to move through an environment and acquire information, if that environment has been empowered for generative AI tools. If I take over an account and the account has access to a search agent, and I can simply tell the search agent, find me all information of this type, and it will actually go and search across those documents and summarize it into a tidy package for me and let me walk away with it. If the thing I’m asking for is, for example, quickly summarize for me all of the credentials that are in documents or files in this environment—suddenly, have a nice index of all the applications that are running in the environment that have credentials in them. So that’s a much faster and much more powerful attack. The recon phase—the part where the attacker has to go and find things—gets condensed down into one query. And they get a summary that they can walk away with. They don’t even have to stay in the environment. They can come back later with that information. Very interesting. I wanted to get a sense to me of where are enterprises challenged to detect and to respond to AI powered attacks? Well, I think that we can think about these distinct phases. Prevention being one of them. So prevention is really essential—for example, Semperis has a tool called Purple Knight, which detects known vulnerabilities in the environment. We have another tool called Forest Druid. Forest Druid, you can think of it as figuring out attack paths. Not just here are the people who have access to Active Directory, but here are the people who have access to the people who have access to Active Directory. So, for example, I’m the administrator of a distributed group, and that group is used to populate my administrator’s group. I can now explore that using Forest Druid. I can understand those pathways. By using those pathways and understanding where all the attacks can come from, you can begin to then cut off the unnecessary access. Right? So that’s a very key thing to do. In a world where anyone who has access, that access can be exploited faster than ever, it’s very important that we minimize standing access. So we really think in terms of what is our solution for having the least standing privilege possible and for controlling unnecessary access into this environment. And we’re particularly concerned with the identity infrastructure because once that identity infrastructure collapses, it’s kind of game over. We’d say it’s an extinction event in some cases, for some organizations can’t survive it. So it’s very, very important that we’re protecting that space and understanding the attack paths into that space—and cutting them off is super critical. That’s probably the most important thing is reducing the surface area for attackers. The second thing is being very thoughtful about really what are the permissions in your environment. You could be—in the old days when the only way you found a document was knowing the name of the document and you know exactly where it was—you could be kinda lazy about permissions. But today, you can’t be lazy about permissions. The agents are going to find and index those documents. So the way that you prevent those documents from being exposed to an attacker is you make sure the documents only are exposed to the people they should be. So understanding document permissioning is the second really, really important thing. And then third is detecting any anomalous behavior. So, like, if people start doing weird things in the environment. Being able to go through and say, okay, I see that Michael is making changes to our group policy and he’s never done that before. Detecting those anomalies becomes really important if the attack does get past you in terms of attack surface reduction. Then detection becomes really key, and then containment. So let’s get into where are the gaps in traditional identity threat detection and response strategies? Well, I think that, frankly, a lot of traditional identity security is pretty general. It’s this idea of I’m going to be looking at every account that gets compromised. And while that is a nice ideal, most organizations that I’ve worked with over the years are investigating between 5 and 10 percent of detected attacks. And the reason for that is that their investigation teams are overwhelmed. Their SOC teams just get much, much more data than they can process. And so they can only selectively investigate the most critical cases. In understanding which of the accounts can get access into that central environment, minimizing that number really goes a long way towards being able to focus those investigations and making sure that you’re focused on the infrastructure piece of this equation. The person who is—like, I don’t want to downplay the importance of losing business information. Right? So if you think about my admin gets compromised and could see this quarter’s financials—that’s very, very bad. We should understand it’s bad. But it’s nothing compared to my identity infrastructure is compromised—and the attacker can now get access to any system they want to at will. Right? That’s a very different level of attack and level of severity. So I think that one of the main things for effective ITDR is focus. And I don’t think that we’re at a place where all the solutions are helping focus customers. I think that really understanding and focusing on the infrastructure components of this is super key. ITDR is not generalized identity security. It’s specific to protecting the infrastructure. So going through and really understanding the complete solution, I think there are there are approaches which are frankly too focused into one element. So for example, there are approaches which are wholly focused on prevention, with the assumption that we’ll never actually have a successful attack. There’s other approaches that are wholly focused on attack surface reduction—the idea that we can block it. But really thinking about the entire circuit, evaluation and posture improvement is key, and needs to integrate with detection and disruption, and needs to integrate with preparation and response. And all those things have to work together. One thing that I think is essential in this world is that we’re really helping people understand that complete circuit, the before, during, and after an attack, and empowering them to respond appropriately to each of those cases. Including when you think about it, if your identity infrastructure is down, you have no application access. So if you’re planning to contact your security team by email or Teams, you’re kinda out of luck. You can’t sign in to Zoom because you don’t have identity. You can’t get to the documents that guide you through recovery because you don’t have identity. So all of those things end up being inhibitors for a successful recovery. And I think that’s another thing that a lot of ITDR solutions don’t quite get right, which is that in an ITDR event, there is no identity. You need a completely alternate toolset. Absolutely. And what do you consider to be the hallmarks of an effective ITDR strategy? I think the effective ITDR strategy is going to be very largely centered in these three chapters: I think posture assessment and improvement is very, very key. I think that detection and disruption is key. And then I think preparation and response is key. But of all those things, what I think is actually most critical and least done is rehearsal. I’d say this is like having a fire extinguisher in your kitchen, and you know you should because you could have a fire. So you buy it and you throw it in the corner. And then you never do anything with it. Well, if a fire breaks out, do you know how to operate it? Do you know where it is? Can you get to it in time? Does it still work? And very often, we’re in a situation where, unfortunately with identity outages which are much, much more extreme, people aren’t doing any rehearsals or preparation in that way. And how is Semperis helping customers tackle these challenges? Well, Semperis is—you know, after 30 years at Microsoft and about 15 leading identity security at Microsoft, I was in an interesting position. And, in talking to Semperis and working with Semperis over the years, I’d realized that this was an organization that was very, very mission focused and very focused on helping customers with this critical problem. And not in a way that was, okay, we’re just doing detections or we’re just doing backup or we’re just doing it for one environment or the other—but actually really looking at what’s the whole problem for the customer that we’re trying to solve. And so I think where Semperis came from historically was in this Active Directory resilience space. But as it grew through that space, what happened was that when organizations had resilience events—and these could be malware events, they could be other kinds of outages around Active Directory or on identity systems—it’s kind of the worst day of your life. Right? You can’t communicate. You can’t do any business at all. Like, if you’re a hospital, you’re not doing medical care. If you’re a bank, you’re not doing transactions. People, customers are freaking out. The board is freaking out. So what happened was Semperis started to do services as well. We’re just stepping in with all the expertise. Semperis has a ridiculous amount of identity expertise. And that’s stepping with that expertise, whether or not the organization was a customer yet, and helping them recover from these events. And by doing this over and over and over again, I think that Semperis was uniquely able to see this bigger picture. By having that servicing component, I was able to see this bigger picture of all the things that need to happen. And in fact, that’s kind of what created Ready1. So Ready1 is a Semperis solution for crisis management that operates completely independent of conventional infrastructure. And the reason for that is that, again, if you’re having that outage, how do you contact your team? And Ready1 gives that solution. And it’s a very cool solution. You should check it out. But I think it’s better as an example. It’s an example of seeing the whole problem and then bringing tools to the table that solve the whole problem. The whole problem isn’t solved by saying, well, the SOC’s gotta detect all my identity events and stop them, or I’m going to have somehow created a perfect environment that can’t be attacked. That that’s not realistic. Realistic is you’re going to have to work every angle of this problem. You have to think before, during, and after the attack with the tools that are designed to take you through that process. And I think that’s where Semperis is unique is that Semperis doesn’t solve identity as a part of some other thing. Semperis is identity focused and is focused on solving this entirety of this identity resilience and security problem. What are the questions that our viewers should be asking about their own current capabilities? I think there’s a couple of things that are really key. I think probably the most important thing I would ask is if you are rehearsing realistically. I think that’s really essential for organizations to do. Go through and actually make sure that this isn’t the fire extinguisher that’s been left in the corner of the kitchen and forgotten, but that the tools are actually being exercised. I would ask about how this operates in real life with your real team and your real processes. And I think that getting your playbooks together and being able to execute those playbooks and run tabletops is super, super key with whatever toolset you’re using. Thinking through the reality that identity attacks don’t begin and end with a data loss. Like a lot of attacks—when you think about ransomware, it’s like, well, they’ve encrypted my data. Identity—it’s not like you can just take a backup of the server and restore it because the accounts that are in that identity system may be corrupted. The policies that are in there may be corrupted by the attacker. The group memberships that are in there may be attacked, impacted by the attacker, and then the server that it’s running on may have malware on it. Right? So one of the things that’s sort of unique about our solution is this ability to isolate the data from the execution environment. So you could take literally any server footprint that’s clean and then actually replay your identity stack onto that so that you have a guaranteed malware-free environment. But that’s not enough because the attacker got into your environment somehow. Right? So what were the known vulnerabilities that existed in the environment? And that gets us into this concept of recovery without security isn’t meaningful. Again, you have to solve the whole problem. And so in this world, I think you want to think in terms of I’m doing recovery into my cleanroom environment, but now I need to assess my known vulns so the attacker doesn’t reenter. I also need to assess known attack pathways, right, so that I’m not giving them too much permission again. And I need to be able to review the history of what’s happened in the environment so that I can see what footsteps the attacker took and be able to roll back to the changes that they made. That ability to do all of that is essential to getting a clean restoration. It’s not like you can just say, well, Active Directory is on that server. I’m going to restore that server from a previous image. Because you’re just going to restore the malware, the vulnerabilities, the attack paths that the attacker used. So identity is a little bit unique in that the data is the pathway. Understanding that the data is clean, the environment is clean, that you have a safe environment to restore into is super key. And, and I think that’s where the customer should focus—and then rehearse, rehearse, rehearse. Finally here, where can our viewers go to learn more? I’d encourage viewers to go to our website, to Semperis.com. And there, you’ll find a host of information about conventional tools for backup and recovery as well as our security tools. And then importantly, the execution environment is Ready1, which will allow you to restore an environment even when all systems are down. Thank you for that, and thank you so much for the time today, Alex. It’s been a pleasure. Thank you, Michael. Appreciate it. You’re very welcome. We’ve been speaking with Alex Weinert, Chief Product Officer at Semperis about Top AI Attacks and How ITDR Can Prevent Them. For viewers out there, if you have any questions for Alex or the Semperis team, please reach out to webinars@ismg.io. For Information Security Media Group, this is Michael Novinson.