Perception Point launches AI model to combat generative AI-based BEC attacks

4 min read


Join top executives in San Francisco on July 11-12 and learn how business leaders are getting ahead of the generative AI revolution. Learn More

Perception Point, an internet security platform, revealed its latest innovation to counter the rising tide of AI-generated email threats. The company’s new detection technology employs AI-powered large language models (LLMs) and deep learning architecture to identify and thwart business email compromise (BEC) attacks facilitated by generative AI technologies.

Criminals are exploiting generative AI technology to carry out sophisticated, precisely targeted attacks against organizations of all sizes. The technology has emerged as a new potent tool for cybercrime, especially in social engineering and BEC attacks, as it enables the creation of high-quality, personalized emails that resemble human output.

According to Verizon’s recent data breach investigation report, over 50% of social engineering incidents can be attributed to BEC. Perception Point’s 2023 annual report also reveals an 83% surge in BEC attempts.

To address this escalating threat, the company has developed an innovative detection model based on LLMs, which utilize transformers — AI models capable of comprehending the semantic context of the text, similar to renowned LLMs such as OpenAI’s ChatGPT and Google’s Bard. 


Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

The solution can therefore identify distinct patterns in LLM-generated text, a crucial factor in detecting and thwarting gen AI-based threats.

Beyond legacy security solutions

Perception Point asserts that conventional security vendors often fail to achieve the required level of detection accuracy through contextual and behavioral analysis.

The company states that while advanced email security systems use contextual and behavioral detection, they still struggle to identify the newly enhanced attacks facilitated by generative AI. This is because these attacks circumvent the typical patterns that the detection methods were originally designed to recognize.

Moreover, the company claims that solutions currently available in the market rely solely on post-delivery detection. That means the malicious email can sit in the user’s inbox for an extended period before being removed.

“Legacy email security solutions which rely on signatures and reputation analysis struggle to stop even the most basic payload-less BEC attacks,” Tal Zamir, CTO of Perception Point, told VentureBeat. “Our new model’s key strength lies in recognizing the repetition of identifiable patterns in LLM-generated text. The model uses a unique three-phase architecture that detects BEC at the highest detection rates and minimizes false positives.”

Zamir said the solution’s distinction lies in its comprehensive scanning of all emails, quarantining those identified as malicious before they reach the user’s inbox. He explained that this proactive approach eliminates the risks and potential damages associated with detection-based methods that rely on identifying and addressing threats once they have infiltrated the system.

Additionally, the solution incorporates a managed incident response service, relieving customers’ SOC teams of the responsibility to swiftly respond to incidents and deploy new algorithms in real time to counter novel and emerging threats.

Perception Point claims its model exhibits exceptional speed in processing incoming emails, with an average time of 0.06 seconds. The model was initially trained on hundreds of thousands of malicious samples captured by the company and is continuously updated with new data to optimize its effectiveness.

Leveraging generative AI to minimize email-based attacks

Perception Point’s Zamir said the new attacks include cybercriminals exploiting fake emails to impersonate trusted organizations. Using social engineering techniques, the attackers deceive employees into transferring large sums of money or disclosing confidential data.

“Attackers exploit the fact that employees in the modern enterprise are the weakest link in the organization regarding security,” Zamir told VentureBeat. “They are leveraging BEC text-based attacks, which normally do not have malicious payloads such as URLs or malicious files, and thus bypass traditional email security systems, arriving into the users’ inboxes.”

He further stated that the emergence of generative AI, specifically LLMs, has given a boost to impersonation, phishing and BEC attacks. This advancement empowers cybercriminals to operate at greater speed and scale than ever before.

“Tasks that once required extensive time and effort, such as target research, reconnaissance, copywriting and design, can now be accomplished within minutes using carefully crafted prompts,” said Zamir. “This amplifies the threat by expanding the pool of potential victims and significantly increasing the chances of successful attacks.”

To reduce false positives that arise from the extensive use of generative AI for legitimate emails, Perception Point uses a distinctive three-phase architecture in its model. 

Following an initial scoring process, the model employs transformers and clustering algorithms to categorize email content. By integrating insights from these stages with supplementary data, such as sender reputation and authentication protocol information, the model predicts whether an email is AI-generated and determines if it presents a potential threat.

“Our model dynamically scans every email, including the embedded URLs and files, with a patented HAP (Hardware Assisted Platform) detection layer. This is our proprietary next-gen sandbox that dynamically scans content at the CPU/memory level,” said Zamir.

What’s next for Perception Point?

Zamir said that his company aims to develop AI capabilities to sift through vast amounts of data, identifying potential threats and providing customers with actionable intelligence.

He emphasized that integration of generative AI bots into collaboration apps like Slack or Teams, browsers like Edge, and cloud storage services like Google Drive or OneDrive has created new avenues for potential attacks.

“Perception Point recognizes these emerging threats, and we are developing AI security solutions designed to prevent, detect and respond to the ever-increasing threat landscape complexity,” said Zamir. “We will continue to ensure that our clients can leverage the power of generative AI without compromising their security posture.”

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.


Source link