As GenAI advances, so does cybersecurity threats
AS GENERATIVE AI (GenAI) technologies continue to advance, the impact on cybersecurity grows increasingly complex and multifaceted. In an insightful interview with Ian Felipe, Trend Micro Philippines, a leader in cybersecurity solutions, we discover the challenges and opportunities presented by GenAI in the realm of cybersecurity.
Felipe said that currently, one of the most significant threats identified is voice cloning technologies. These tools, capable of creating hyper-realistic audio and video representations, pose a substantial risk for targeted scams, including SIM jacking, and other AI-enabled tools for their malicious activities, demonstrating the sophistication of current cyber threats.
“We have already seen examples of voice cloning-related scams executed in 2023. One example is virtual kidnapping, a scam in which cybercriminals falsely claim to have kidnapped a loved one. Malicious actors use voice cloning, SIM jacking, ChatGPT, and other AI-enabled tools to identify the most profitable targets and execute their ploy,” Felipe shared.
He also emphasized the importance of staying ahead of emergent threats by providing businesses with advanced threat intelligence and resilience strategies. With digital transformation expanding attack surfaces, the company highlights its efforts in offering comprehensive insights and solutions, such as the Trend Vision One cybersecurity platform. This initiative enables organizations to navigate the evolving threat landscape while ensuring compliance with privacy and confidentiality regulations.
For micro, small, and medium enterprises (MSMEs), the Trend Micro executive recommends a proactive risk management approach. Visibility across an organization’s digital assets is paramount, allowing for the early detection and disruption of potential threats. Tools like Trend Vision One facilitate centralized visibility and advanced threat defense, offering a strategic advantage in mitigating risks associated with GenAI technologies.
“That said, constantly monitoring assets and information across multiple parts of a business can seem like a daunting challenge, especially for resource-strapped MSMEs. The good news is that there are consolidated tools today that help to streamline and automate visibility, detection, and response,” Felipe pointed out.
Trend Micro also highlights the dual nature of GenAI, acknowledging its potential for both innovation and misuse. The company has been at the forefront of integrating AI and machine learning into cybersecurity, developing tools like the Companion cybersecurity assistant. This GenAI-powered tool enhances security operations by accelerating threat detection and offering actionable insights, demonstrating the positive applications of GenAI in combating cyber threats.
The interview concludes with a discussion on the necessity for government regulation in the GenAI space. Given the rapid development of AI technologies and their implications for cybersecurity, there is an anticipated increase in regulatory scrutiny. However, until comprehensive legislation is enacted, the cybersecurity sector may need to adopt self-regulatory measures. Implementing zero-trust policies and maintaining a vigilant stance are crucial steps for companies to protect themselves against AI-powered scams.
As cyber threats become more sophisticated, leveraging GenAI in both offensive and defensive capacities, the role of cybersecurity firms like Trend Micro becomes ever more critical. Through advanced threat intelligence, proactive risk management strategies, and the development of GenAI-enhanced security tools, there is a path forward to navigate these challenges effectively.
More importantly, Felipe emphasized is the collaboration between industry leaders, governments, and regulatory bodies will be paramount in shaping a secure digital future in the era of generative AI.
FULL INTERVIEW: 2024 Security Predictions with Ian Felipe, Country Manager, Trend Micro Philippines
Malaya Business Insight (MBI):You mentioned in the press release that “Businesses must transition beyond conventional phishing training and prioritize the adoption of modern security controls. These advanced defenses not only exceed human capabilities in detection but also ensure resilience against these tactics.” Social engineering is one, but what are the biggest threats posed by GenAI to cybersecurity in 2024?
Ian Felipe, Trend Micro (IFTM): Of all the AI-powered tools that have become progressively more sophisticated, we foresee voice cloning being abused significantly in near-future scams. This is because voice cloning tools are among the AI tools ripe for hyper-realistic audio and video misrepresentation in real-time. Such threats are also likely to remain more targeted as it require adversaries to collect numerous audio sources from specific individuals to ensure successful AI-driven voice impersonation.
MBI: We have already seen examples of voice cloning-related scams executed in 2023. One example is virtual kidnapping, a scam in which cybercriminals falsely claim to have kidnapped a loved one. Malicious actors use voice cloning, SIM jacking, ChatGPT, and other AI-enabled tools to identify the most profitable targets and execute their ploy.
IFTM: Furthermore, while not a threat, a notable development is the possibility to trick generative AI systems into circumventing their own censorship rules. A resourceful imposter who already holds stolen credentials and uses a virtual private network connection, therefore, would be able to maintain its anonymity when executing scams in these systems. Ultimately, the accessibility of AI technologies will clear the path for more convincing and pervasive scams to targeted victims.
MBI: If GenAI will change the landscape of phishing and social engineering scams, is there anything a cybersecurity firm like Trend Micro do in light of increasingly strict privacy and confidentiality laws?
IFTM: The reality is that the introduction of any new technology, not just generative AI, has the potential to transform the threat landscape. Attack surfaces are expanding and will continue to do so with digital adoption and transformation. This is where we come in, as trusted cybersecurity advisors, to ensure that businesses can strike a balance between investing in new technologies and protecting their core assets, and most importantly, build awareness and resilience to stay ahead of the latest threat developments.
Firstly, we believe that it’s important for businesses to be aware of emergent threats, including GenAI threats, before they propagate widely, and we provide businesses and industry players with advanced threat intelligence. We have a network of 15 global threat research centres and hundreds of researchers delivering 24/7 insights on known threats, vulnerabilities, and future predictions like voice cloning, among others.
Secondly, in addition to providing businesses with threat intelligence, it is crucial that they are also able to build resilience to such threats and the risks posed to their business. We continuously invest in our Trend Vision One cybersecurity platform, which enables organizations to better understand, communicate, and mitigate cyber risk across the attack surface. Our platform also supports with compliance to the latest regulations, wherever needed.
With the threat landscape evolving rapidly, navigating the latest developments may be challenging. We are dedicated to being the trusted cybersecurity partner for businesses, helping them achieve greater cyber resilience.
MBI: What can MSMEs do to protect themselves from these new threats?
IFTM: As businesses increasingly look to implement new technologies, such as AI, within their organization, it is crucial that they also consider how well they are protecting their assets and information. To that end, a proactive risk management approach offers an effective method that goes beyond simply remedying incidents as they happen.
A crucial element of this approach is visibility. Businesses may have multiple systems and information stored across multiple business units. Having real-time visibility across these areas empowers businesses to identify the most vulnerable assets and potential intrusions. This enables them to disrupt threats upstream in the kill chain before any damage occurs – ultimately improving the likelihood of prevention.
That said, constantly monitoring assets and information across multiple parts of a business can seem like a daunting challenge, especially for resource strapped MSMEs. The good news is that there are consolidated tools today that help to streamline and automate visibility, detection, and response.
Trend Micro’s unified cybersecurity platform, Trend Vision One, is one example. It is an advanced Extended Detection & Response (XDR) platform that delivers central visibility – across email, endpoint, servers, cloud, and others – for better, faster detection and response, and a powerful range of advanced threat defence techniques. Ultimately, it provides businesses with proactive risk management capabilities to better understand, communicate, and mitigate risks across the entire attack surface.

Such platforms are grounded on a risk-based approach. This approach focuses on building the appropriate controls for the worst vulnerabilities, placing businesses in a better position to defeat threats that target their most critical areas. This not only improves cyber resilience, but also ensures businesses are strategically and effectively allocating finite security resources.
MBI: Specific examples of how Trend Micro can thwart or stop the growing use of GenAI by malicious actors?
IFTM: As much as AI and GenAI tools have resulted in an uptick of new threats, it is challenging to stop any player, malicious or not, from using the technology. However, the growing use of GenAI by malicious actors should not prevent businesses from harnessing the capabilities of the technology to progress their businesses and offerings.
To that extent, such technologies can also be used to strengthen cybersecurity and better combat various threats, including AI-related threats. In fact, at Trend Micro, we have been developing AI and machine learning tools for cybersecurity from as far back as 2005. From the early days of spam filtering, we began developing models designed to detect and block unknown threats more effectively.
More recently, we have been leveraging GenAI to enhance security operations with the launch of our cybersecurity assistant, Companion. This tool has the potential to revolutionise threat hunting.
Here’s how – Firstly, GenAI can draw connections from massive datasets to produce cybersecurity and threat insights at unprecedented speeds. Secondly, as GenAI uses plain language, every analyst regardless of their experience or skill level can readily access these insights for threat hunting. Thirdly, the tool also automates repetitive tasks, freeing up time-poor analysts to focus on more high-value tasks. Finally, it can also deliver threat-specific guidance and recommendations drawing on data from the organisations’ cybersecurity platform.
With our GenAI Companion tool, threat hunting teams of all sizes and experience can uncover more relevant information, faster, and with greater accuracy.
MBI: Is there a need for government intervention to regulate GenAI in the context of cybersecurity?
IFTM: The threat trends that we are seeing with regards to GenAI will likely lead to increased regulatory scrutiny. Governments and regulatory bodies will need to look into various cybersecurity risks of AI use, including adversarial attacks, data poisoning, insider threat, and model reverse engineering, which require rapid remediation to manage reputational risks. However, this may take some time, and the pace at which these trends are developing will likely push the cybersecurity sector to take matters into its own hands and self-regulate on an opt-in basis.
While legislation to regulate the use of GenAI is yet to be passed, it is paramount that companies proactively set appropriate risk and compliance guardrails to protect themselves. Implementing zero-trust policies and establishing a vigilant mindset will be crucial for enterprises to avoid falling prey to AI-powered scams.