Check Point Releases First AI Security Report Highlighting Rise of AI-Driven Cybercrime
In a notable revelation, Check Point Software Technologies, a global leader in cyber security solutions, recently launched its inaugural AI Security Report at the RSA Conference 2025 in San Francisco. This pivotal report meticulously explores how cybercriminals are leveraging artificial intelligence (AI) to execute sophisticated attacks and identifies strategic insights for organizations to stay ahead of these burgeoning threats. As AI technologies evolve and reshape various industries, the demarcation between truth and deception is becoming increasingly blurred in the digital realm. Cybercriminals are now adeptly wielding generative AI and large language models (LLMs) to upend the trust that users place in digital identities. It’s a stark reminder that, in today's world, believing everything one encounters online is perilous. AI-driven impersonation can easily bypass even advanced authentication systems, leaving individuals vulnerable to extensive fraud.
Lotem Finkelstein, Director of Check Point Research, stated, "The rapid adoption of AI by cybercriminals is fundamentally altering the threat landscape. While some underground services become more sophisticated, all indicators point to an impending transformation—namely, the emergence of digital twins. These are not mere facsimiles in appearance or voice; they are AI-driven replicas capable of mimicking human thought patterns and behaviors. This is not a distant phenomenon but something that is approaching quickly."
The crux of these developments lies in AI's ability to skillfully spoof and manipulate digital identities, making it increasingly difficult to distinguish between genuine and counterfeit. The report highlights four critical areas where reliability is particularly at risk:
1. AI-Powered Impersonation and Social Engineering: Threat actors are utilizing AI to create real-time sophisticated phishing emails, false voice reproductions, and deepfake videos. A striking recent incident involved an attacker using AI-generated voice to impersonate Italy's defense minister, demonstrating the peril of fabricated voices, faces, and signatures online.
2. LLM Data Contamination and Misinformation: Malicious attackers are distorting AI-generated outputs by manipulating training data. A notable case involving the Russian disinformation network, "Pravda," revealed that an AI chatbot repeated false information with a 33% probability, highlighting the urgent need for robust data integrity in AI systems.
3. AI-Based Malware Development and Data Mining: Cybercriminals are employing AI to create and optimize malware, automating DDoS attacks and scrutinizing stolen credentials. Services like Gabbers Shop utilize AI to validate and cleanse stolen data, increasing their resale value and targeting efficiency.
4. Exploitation and Hijacking of AI Models: From stolen LLM accounts to custom dark LLMs like FraudGPT and WormGPT, attackers are evading security measures and commercializing AI as hacking and fraud tools on the dark web.
The report underscores a paradigm shift in which defenders must now consider that AI is integrated into attack methodologies. To counter these threats, organizations are urged to adopt an AI-aware cybersecurity framework:
1. AI-Assisted Detection and Threat Hunting: Utilize AI to detect threats and fraudulent content generated by AI, such as synthetic phishing content and deepfakes.
2. Enhanced Identity Verification: Implement multi-layered identity verification that extends beyond traditional methods to account for AI-driven impersonations across text, voice, and video, acknowledging that trust in digital identities can no longer be assured.
3. AI-Contextual Threat Intelligence: Equip security teams with tools to recognize and respond to tactics driven by AI.
Finkelstein further elaborated, "In this AI-driven era, cybersecurity teams must integrate AI into their defenses to keep pace with attackers. This report not only sheds light on the risks posed by the rise of AI but also provides a roadmap for securing AI environments responsibly and effectively."
The full AI Security Report is available for download.
Check Point Research provides the latest cyber threat intelligence to Check Point's customers and the threat information community. The team collects and analyzes data from cyber attacks globally stored in Check Point's ThreatCloud AI, collaborating with security vendors, law enforcement, and various CERT organizations to bolster cybersecurity measures. Over 100 analysts and researchers are part of this effort.
Check Point Software Technologies is a leading provider of digital trust, safeguarding over 100,000 organizations worldwide with its AI-powered cybersecurity solutions. The company's Infinity Platform and open garden ecosystem offers industry-leading security while minimizing risks through a prevention-first approach. Utilizing a hybrid mesh network architecture centered on SASE, the Infinity Platform integrates management across on-premises, cloud, and workspace environments, providing flexibility, simplicity, and scalability. The wholly-owned subsidiary in Japan, Check Point Software Technologies K.K., was established on October 1, 1997, headquartered in Minato, Tokyo.
This press release contains forward-looking statements regarding future events and the company's potential financial performance. The outlook includes growth expectations, leadership expansion, and the provision of industry-leading cybersecurity platforms to global customers. Factors such as platform capabilities, product adoption, market evolution, competition, and general economic conditions may cause actual results to differ significantly from those anticipated.
For Media Inquiries:
Check Point PR Department
(Hosted by NEXT PR)
Tel: 03-4405-9537
Fax: 03-6739-3934
E-mail: checkpointPR@next-pr.co.jp
Lotem Finkelstein, Director of Check Point Research, stated, "The rapid adoption of AI by cybercriminals is fundamentally altering the threat landscape. While some underground services become more sophisticated, all indicators point to an impending transformation—namely, the emergence of digital twins. These are not mere facsimiles in appearance or voice; they are AI-driven replicas capable of mimicking human thought patterns and behaviors. This is not a distant phenomenon but something that is approaching quickly."
Key Insights on Threats from the AI Security Report
The crux of these developments lies in AI's ability to skillfully spoof and manipulate digital identities, making it increasingly difficult to distinguish between genuine and counterfeit. The report highlights four critical areas where reliability is particularly at risk:
1. AI-Powered Impersonation and Social Engineering: Threat actors are utilizing AI to create real-time sophisticated phishing emails, false voice reproductions, and deepfake videos. A striking recent incident involved an attacker using AI-generated voice to impersonate Italy's defense minister, demonstrating the peril of fabricated voices, faces, and signatures online.
2. LLM Data Contamination and Misinformation: Malicious attackers are distorting AI-generated outputs by manipulating training data. A notable case involving the Russian disinformation network, "Pravda," revealed that an AI chatbot repeated false information with a 33% probability, highlighting the urgent need for robust data integrity in AI systems.
3. AI-Based Malware Development and Data Mining: Cybercriminals are employing AI to create and optimize malware, automating DDoS attacks and scrutinizing stolen credentials. Services like Gabbers Shop utilize AI to validate and cleanse stolen data, increasing their resale value and targeting efficiency.
4. Exploitation and Hijacking of AI Models: From stolen LLM accounts to custom dark LLMs like FraudGPT and WormGPT, attackers are evading security measures and commercializing AI as hacking and fraud tools on the dark web.
Defense Strategies
The report underscores a paradigm shift in which defenders must now consider that AI is integrated into attack methodologies. To counter these threats, organizations are urged to adopt an AI-aware cybersecurity framework:
1. AI-Assisted Detection and Threat Hunting: Utilize AI to detect threats and fraudulent content generated by AI, such as synthetic phishing content and deepfakes.
2. Enhanced Identity Verification: Implement multi-layered identity verification that extends beyond traditional methods to account for AI-driven impersonations across text, voice, and video, acknowledging that trust in digital identities can no longer be assured.
3. AI-Contextual Threat Intelligence: Equip security teams with tools to recognize and respond to tactics driven by AI.
Finkelstein further elaborated, "In this AI-driven era, cybersecurity teams must integrate AI into their defenses to keep pace with attackers. This report not only sheds light on the risks posed by the rise of AI but also provides a roadmap for securing AI environments responsibly and effectively."
The full AI Security Report is available for download.
About Check Point Research
Check Point Research provides the latest cyber threat intelligence to Check Point's customers and the threat information community. The team collects and analyzes data from cyber attacks globally stored in Check Point's ThreatCloud AI, collaborating with security vendors, law enforcement, and various CERT organizations to bolster cybersecurity measures. Over 100 analysts and researchers are part of this effort.
About Check Point
Check Point Software Technologies is a leading provider of digital trust, safeguarding over 100,000 organizations worldwide with its AI-powered cybersecurity solutions. The company's Infinity Platform and open garden ecosystem offers industry-leading security while minimizing risks through a prevention-first approach. Utilizing a hybrid mesh network architecture centered on SASE, the Infinity Platform integrates management across on-premises, cloud, and workspace environments, providing flexibility, simplicity, and scalability. The wholly-owned subsidiary in Japan, Check Point Software Technologies K.K., was established on October 1, 1997, headquartered in Minato, Tokyo.
Legal Disclaimer on Forward-Looking Statements
This press release contains forward-looking statements regarding future events and the company's potential financial performance. The outlook includes growth expectations, leadership expansion, and the provision of industry-leading cybersecurity platforms to global customers. Factors such as platform capabilities, product adoption, market evolution, competition, and general economic conditions may cause actual results to differ significantly from those anticipated.
For Media Inquiries:
Check Point PR Department
(Hosted by NEXT PR)
Tel: 03-4405-9537
Fax: 03-6739-3934
E-mail: checkpointPR@next-pr.co.jp
Topics Other)
【About Using Articles】
You can freely use the title and article content by linking to the page where the article is posted.
※ Images cannot be used.
【About Links】
Links are free to use.