We’re venturing into an era where the fusion of artificial intelligence (AI) technology with cybersecurity will become increasingly imperative and non-negotiable.
To get some much-needed insight into the evolving cybersecurity landscape, we spoke to Jeff Sims, Principal Security Engineer at HYAS. Jeff is a trailblazing AI pioneer, celebrated for his pioneering work in AI-driven security solutions and projects like BlackMamba, AdversarialGPT, and EyeSpy. And he’s set to unveil some of his most revolutionary work in 2024.
In this interview with Sims, we explored the challenges, solutions, and possibilities at the intersection of cutting-edge AI and cybersecurity.
An ‘Expression’ of Creativity
To start our conversation, we delved into Sims’ connection with technology, reflecting on its evolution and his unique journey in the field.
From a young age, I viewed technology as not just a powerful tool, but also a medium for self-expression.”
My father, a renowned radio frequency engineer, chose not to purchase an Atari for me. Instead, he presented me with an Apple II E Laser Clone, challenging me to learn DOS if I wanted to play video games.
Engaging in complex problem-solving and pioneering offensive research is not just a display of my technical skills, but also an expression of my creativity. Sharing my research within the community and witnessing its tangible impacts is what I find most rewarding.”
AI Could Be Our Iron Man Suit
Sims also spoke about the complex interplay between cybersecurity and cybercrime, highlighting AI’s pivotal role and likening it to an “Iron Man suit.”
Undoubtedly, AI is set to be a transformative yet dual-edged force in cybersecurity.
The security field is marked by a striking dichotomy. On one side are those who share my perspective, while on the other, some view AI as mere hype, fearmongering, or even snake oil.
However, our adversaries are inherently adaptable, already harnessing advanced AI for their attacks.
Jeff Sims
Principal Security Engineer at HYAS
Cybercriminals are already jailbreaking AI chatbots to craft malicious content for social engineering. However, security researchers say this is only a precursor of what’s to come.
In August, UK-based researchers revealed that AI can be used to interpret keystroke sounds and steal sensitive data. And, in October, HYAS warned that AI-generated, “polymorphic malware” can outsmart our current security solutions.
AI presents a significant opportunity to bridge the cybersecurity skills gap. It can serve as an augmentation to the defender’s toolkit, akin to an ‘Iron Man suit,’” Sims said.
Pioneering Projects: BlackMamba, AdversarialGPT, and EyeSpy
Sims’ pioneering work — particularly his BlackMamba, AdversarialGPT, and EyeSpy research projects — has garnered significant attention and acclaim.
Sims talked about his innovative projects and their impact on the field, explaining their role in shaping future cybersecurity strategies.
We are at the brink of a technological evolution, comparable to the 18th-century Industrial Revolution. Many experts, including myself, anticipate that society could undergo radical changes in the next decade due to the rapid advancement of AI.
Research like BlackMamba and EyeSpy offer a glimpse into this future, particularly focusing on building futuristic, offensive capabilities,” he said.
BlackMamba and EyeSpy represent a departure from conventional malware, distinguished by their advanced AI capabilities that enable them to evade modern security measures and make decisions.
I created AdversarialGPT and BotnetGPT to both enrich the community and enhance my research process.”
Being able to quickly and easily customize ChatGPT to meet my specific research requirements has been a game-changer, allowing me to access information conversationally and immediately.”
Guiding Principles for Working in Cybersecurity and AI
Sims shared some insights and advice for working on solutions in the bleeding-edge AI-powered cybersecurity realm.
I recommend thoroughly understanding your solution, including its strengths, weaknesses, and potential risks.
For example, while GPT-4 is an impressive tool, it’s not designed for handling sensitive information. In such cases, you might consider setting up a state-of-the-art open-source model, fine-tuned for your specific domain.
Jeff Sims
Principal Security Engineer at HYAS
Sims’ AdversarialGPT, built with the ChatGPT API, is an example of this.
For those in cybersecurity, acquiring a foundational understanding of data science is becoming increasingly important. While mastering more complex tools like PyTorch or TensorFlow is beneficial and can significantly boost your career, even a basic grasp of data science concepts is invaluable. It helps not only in understanding the defensive solutions you employ but also in comprehending the advanced threats you may encounter, Sims said.
Looking ahead, the realm of cyber defense and offense will soon transition to a machine-to-machine battleground. The complexity and speed of AI-driven cyberattacks, coupled with their unconventional nature, will gradually render pure human intervention less practical.”
Visions of the Future in Technology, Cybersecurity, and AI
We also asked Sims about his predictions of the future and what he would personally like to witness or contribute to.
The future is undoubtedly dominated by the rapid advancement of AI.
In the next decade, we can expect the world as we know it to transform significantly, though it’s unclear whether these changes will be for better or worse. A major shift is inevitable, particularly in the job market, as many roles will become obsolete and automated by AI.
Jeff Sims
Principal Security Engineer at HYAS
According to Sims, there are two scenarios: one positive and the other negative.
I wonder if that [AI] will be the catalyst which will free up our collective higher cognitive function which will be applied in a united effort, for things like curing disease and interstellar space travel, Sims said.
The other side is that AI safety was either overlooked or not well thought out, which results in the creation of an entity that is smarter, faster and stronger and knows it… we no longer will be the apex predator on the planet. Could this lead to conflict, or necessitate a profound shift in our approach to civil rights, including who or what is granted these rights?
The future is ours to mold; it’s the discussions and research being done today that will shape the outcomes of tomorrow’s realities,” he added.
Over the past three years, Mirza has distinguished himself as an expert tech journalist at VPNOverview. Backed by a degree in Global Communications, his meticulous writing encompasses the evolving realms of generative AI and quantum computing, while also illuminating vital facets of malware, scams, and cybersecurity awareness. His articles have found acclaim on prestigious platforms, ranging from cybersecurity portals like Heimdal Security to broader channels such as the official EU portal. Furthermore, he is constantly engaging with other experts in cybersecurity and privacy, enriching his detailed research.
