CPX 2024: 'Terrifying' Future with AI, Gen AI and Security

CHECK POINT CPX 2024 — A Check Point Software Technologies researcher says the future of artificial intelligence (AI), generative AI (GenAI) and cyber crime is “kind of terrifying." And the clash between hackers and defenders will continue intensifying in the months and years ahead.

That’s according to Jeremy Fuchs, cybersecurity researcher/analyst at Check Point. We spoke with him during day two of this week’s CPX 2024 in Las Vegas.

AI took center stage at this week’s CPX 2024, and Gil Shwed, Check Point’s CEO and founder, said AI is incorporated into all of its cybersecurity solutions.

Check Point's Jeremy Fuchs

What’s most surprising and disturbing about the current threat landscape is the “velocity” of attacks and the amount of seemingly simple attacks that are still successful, Fuchs said.

“It kind of boggles my mind that the Nigerian prince scam is still in use and still successful,” he said. “One of the classic ones is the fake Norton or McAfee invoice renewal scam that's been going on forever. We see that all the time. That to me is a little surprising. Maybe people in the security world think, 'Oh my God, I thought we got rid of that years ago.' In fact, we did not. It's still here and it's still prevalent, and people are still following it.”

CPX 2024 Covers All Things AI and Cyber

AI is the “buzzword” around the world at the moment and cybercriminals are making use of it in a growing number of ways, Fuchs said.

“We see it to write better grammatically correct phishing emails with the proper spelling, all that stuff,” he said. “We certainly see them using some of the tools that are not necessarily ChatGPT, but like WormGPT or some of these other ones, to build and send malware. This is pretty prevalent.”

It's difficult to tell if a phishing email has been AI-written because it's meant to look like a human wrote it, Fuchs said.

“I think to fully understand every single attack, whether it was AI generated or not, I don't know if we're quite there yet, but probably pretty close,” he said. “But I would say that if a hacker is not using AI in some form or fashion, I would be surprised. I think there are probably varying levels of adoption, and there's the argument we all say that this lowers the barrier to entry. Anybody can just sign up for one of these sites and begin creating malware, whereas before you had to know how to code and all that stuff. Are we seeing a rush of young cybercriminals around the world now doing this? I think it's kind of hard to say. I think it definitely will happen. So it has lowered the barrier to entry, but it does not make it foolproof, I think at this point.”

Everyone Is a Target

Everyone is a target with AI-enabled attacks, but education is the most highly targeted, Fuchs said.

“Whether it's K-12, higher education, research and government, the medical industry, doctors’ offices, hospitals, insurers, what those all have in common is that they all hold some form of rich data, whether it's Social Security numbers, any sort of personally identifiable information (PII), health records, all of that stuff is gold to hack on the black market. That being said, almost every organization in every industry has some form of data that can be sold in some form or fashion. Every organization in the world, unfortunately, is a target.”

And in some of the industries where they don't have a lot of data, hackers can still get a lot of things from there with just one successful attack, Fuchs said.

“It’s just what the hackers are looking for,” he said. Are they looking for health data? They’re not going to probably go after a manufacturing company, but if they're looking for customer information, that's every organization in the world. So everybody is a target.”

Cyber defense is all about creating and fostering a security-minded culture, Fuchs said.

“One of the things we do is we have something called Smart Banners," he said. "So if you get an email about an invoice and somebody's requesting you to pay this $1,000 invoice to me today, we can customize it to put a banner and it says your organization's policy around invoices is XYZ. It's a reminder that before I pay that invoice, let me ask finance. Is this a legitimate invoice? Are they expecting this invoice? That's a fairly easy thing to do, and you can customize it based on your organization's policy. It's a huge weapon for business email compromise (BEC) attacks. And if your CEO is being spoofed and saying, 'Hey, can you pay XYZ company $10,000 today, that's a potentially very dangerous thing.”

Combining this with powerful technology is “really the only way forward,” Fuchs said.

“There are so many cybersecurity vendors, there's so much to choose from,” he said. “And I think that's actually a good thing for organizations, that the choice is almost limitless. You can do your research and define which product is best for your organization, for your industry, budget, all that stuff. So I think that gives me some hope. It's not just that you're hoping people do the right thing. We can have people doing the right thing, augmented and supported and backed by these unbelievable technologies, and AI that can do all these amazing things that seemed like science fiction a few years ago.”

Gen AI and Security Professionals

Also at CPX 2024, Check Point released new research, prepared by Enterprise Strategy Group, that focuses on the current and future use of Gen AI in cybersecurity, covering its adoption, governance, risks and anticipated benefits. It surveyed 370 IT and cybersecurity professionals from various industries in North America.

The survey highlights the significant impact of Gen AI on enhancing operational efficiency, with cybersecurity professionals and organizations actively exploring Gen AI applications to bolster security defenses and manage cyber risks more effectively.

Main highlights from the research include:

Tal Eisner, Check Point’s marketing lead of threat intelligence and research, said the hope is that the fear and doubt associated with Gen AI will bring a more educated, detailed and thoughtful usage of AI and GenAI in general in the coming future.

“Gen AI is a huge leap in technology and as such, everybody is trying to leverage it, the good people and the bad people, the adversaries and the defenders,” he said. “I am hoping that the defenders will know best how to leverage this. And they are, at least at Check Point, using AI and Gen AI as a defender. We're hoping that this will continue, and the defenders will have their upper hand on the adversaries that are using this technology revolution.”

Cyber is a weapon in any region, geography and any scale, Eisner said. Prevention is the only way to defend against that.

“You cannot be just a bit prepared, you must be fully prepared, and fully protected in any way and against all surfaces of your organization in order to protect your users and your assets against these kinds of attacks because they're becoming more and more sophisticated, and they will continue to be so,” he said. “Hackers are not resting. They're only developing, and going higher and higher, and more and more sophisticated. So organizations must take the necessary steps on a daily basis, 24/7, in order to prevent attacks from happening, because we know from statistics that every organization or most of the organizations around the world are being attacked around 1,000 times a week on average, sometimes more, sometimes less, depending on the size of organization and the geography. But that's the general average. And in order to be prepared, you must prevent and protect yourself against the next attack.”

Partners Speak

Bob Reilly, vice president of sales at AccessIT Group, a Pennsylvania-based cybersecurity solutions provider and Check Point partner, said AI is important to not only his company’s customer base, but also the support it can provide to customers.

“The information, the speed at which we can gather information and the path to implementation or remediation is always important,” he said. “So as AI becomes more and more relevant, we continue to fine-tune our expertise around that to satisfy the needs of not only our organization, but our partners and our customers.”

Reilly said he’s bringing back to his company a lot from CPX 2024.

“Most importantly, hearing about the modifications or enhancements that Check Point has done to their platform, making it a more holistic platform based on incorporating AI and some of the other solutions they acquired over the past years, that's a very compelling story there," he said. "Their new channel program and how that aligns with our business is really important as well. Coupling that all together is a message we will be delivering to our sales force.”

Bruno Nobrega, CEO of NTSEC, a reseller and services provider based in Brazil, and Check Point partner, said all of the solutions announced during CPX 2024 will put his company in a “good position to compete against our competitors.”

“It was very welcome, all the announcements, especially for security appliances,” he said. “For awhile we were behind the competition when we talked about performance and things like that. Sometimes we had to offer bigger appliances to compete with our competitors. And now I think we're going to be a step ahead, and it's going to be fascinating. We are very excited about it.”

The emphasis on AI is helpful because “we need to keep up with the needs of the market, otherwise you’re going to be displaced,” Nobrega said.

“We've been working with AI for awhile,” he said. “We have a security operations center (SOC) department that is already using AI for protecting our clients. We are all thinking of next steps, so that’s why we are very glad that we will have new features powered with AI.”