my timesThe Korea Times

AI emerges as top cybersecurity issue in 2024: Samsung SDS

Listen
Samsung SDS headquarters in Seoul / Courtesy of Samsung SDS

Samsung SDS headquarters in Seoul / Courtesy of Samsung SDS

Samsung SDS has warned its corporate customers to prepare for increased security threats due to the rise of generative AI, which is one of the cybersecurity threats to watch out for this year, according to the company, Wednesday.

The company identified the top five cybersecurity issues that need attention this year, based on an analysis of cybersecurity threats that occurred domestically and abroad in 2023.

They are security threats abusing AI, cloud security threats in hybrid environments, the leaking of personal data and sensitive information, continuously evolving ransomware and network security threats.

"This survey shows the results of a questionnaire of over 700 security experts in large domestic companies and the public sector, including IT, manufacturing, finance, transportation and accounting. Samsung SDS also proposed countermeasures based on its global security operation experience and technical capabilities," the company said.

Among various security threats, the adoption of technologies triggered by generative AI is spreading across industries rapidly, leading to new security threats, the company said.

"Hackers are developing AI-based criminal tools like WormGPT and FraudGPT, and are trying to launch cyberattacks by easily producing mass malware using generative AI," Samsung SDS said. It said companies need security defense technologies such as AI-applied malware analysis and automatic threat identification.

Moreover, companies using various types of cloud computing systems have complex security configurations and management, leading to a high possibility of security vulnerabilities, the company pointed out.

Companies also should be on alert regarding data leaks that contain sensitive information, since the paths and methods of data leaks are diversifying, and leaked data is being traded on the dark web, causing secondary damage.

To prevent these kinds of threats, Samsung SDS advised companies to establish business processes and employee compliance rules, manage data loss prevention and copyright systematically and put more effort into preventing data leaks and complying with regulations.

Regarding ransomware, a type of malware that encrypts a target system's files, companies should secure security resilience to minimize losses when a ransomware attack occurs by eliminating security vulnerabilities and strengthening endpoint security.

For network security threat response, Samsung SDS also emphasized that access to systems and data should be granted after user authentication.

While the use of generative AI is increasing significantly, companies are hesitant to expand its use due to concerns about mishandling sensitive information.

For these customers, Samsung SDS unveiled FabriX, which allows various uses of generative AI in a private environment, and provides AI filtering functions that detect and block sensitive information.

“Security threats due to generative AI and cloud must be responded to from an enterprise-wide crisis management perspective,” said Byun Sang-kyung, vice president and leader of the security technology office at Samsung SDS. “Companies need to be aware that the introduction of zero trust-based solutions and services for security enhancement is an essential element of corporate management."