Dr. Hisham Abdulhalim.

Opinion
How AI is fueling cybersecurity threats – and why small businesses are particularly vulnerable

"AI-powered threats aren’t only a concern for large corporations; small businesses which often lack the resources of larger companies, are increasingly becoming more vulnerable," writes Dr. Hisham Abdulhalim, a lead AI product manager at Intuit Israel R&D Center.

AI, once a distant dream, has burst onto the scene, revolutionizing industries and reshaping our world. While it offers unparalleled potential, it's also becoming a powerful tool in the hands of cybercriminals. These digital adversaries are leveraging AI to craft increasingly sophisticated attacks, making it harder for organizations to stay secure.
AI-powered threats aren’t only a concern for large corporations; small businesses which often lack the resources of larger companies, are increasingly becoming more vulnerable. With a wealth of customer information, from payment data to personal details, small companies are attractive targets. AI allows attackers to craft convincing phishing emails, develop malware that evades detection, and even generate deepfake impersonations. For many small businesses, a successful attack could lead to significant financial losses, legal repercussions, and damage to customer trust.
1 View gallery
Dr. Hisham Abdulhalim
Dr. Hisham Abdulhalim
Dr. Hisham Abdulhalim.
(Micha Lovton)
The first step is awareness - as the threat landscape continues to evolve, small businesses must understand the potential threat of AI in the hands of cybercriminals.
One of the biggest risks AI poses in cybercrime is enhancing phishing and social engineering attacks. AI is supercharging cyberattacks, making them more targeted, evasive, and deceptive. Phishing scams, once a crude art, are now becoming highly personalized, with AI analyzing social media and other online data to craft convincing messages. This makes it harder for employees to spot fake emails, increasing the risk of data breaches.
Malware, too, is evolving. AI-powered malware can adapt and change its form to evade detection, slipping past traditional security measures. Known as polymorphic malware, this type of malware continuously changes its appearance and behaviors, evading traditional antivirus software and other security tools. This makes it easier for cybercriminals to infiltrate systems, steal sensitive data, and disrupt operations.
And then there's the threat of deepfakes. AI-generated fake videos, audio, and images can be used to impersonate trusted individuals, tricking employees into revealing sensitive information or authorizing fraudulent transactions. As deepfakes technology advances, it becomes increasingly difficult to distinguish between real and fake content.
How can small businesses safeguard their data against these sophisticated AI-powered threats? Here are a few essential steps:
  • Invest in Smart Security: I always recommend businesses, big or small, to invest in AI-powered security tools. These tools use detect unusual activity and respond to threats, acting as your digital bodyguard.
  • Educate Your Team: Your employees are your first line of defense. Make sure they're trained to spot phishing emails, recognize social engineering tactics, and stay alert to potential threats.
  • Layer Up Your Security: Use multi-Factor Authentication (MFA) to add an extra layer of protection to accounts and systems, making it harder for attackers to gain unauthorized access. It's like adding a lock to your digital door.
  • Verify Before You Act: Whenever you receive a request that seems suspicious, especially those involving sensitive information, pick up the phone and verify. It's a simple step that can save you from a big headache.
In this age of AI-powered threats, staying safe online isn't just an option, it's a necessity. By taking these steps, you can protect your business, your customers, and your peace of mind.
Dr. Hisham Abdulhalim is a lead AI product manager at Intuit Israel R&D Center.