A sharp rise in hackers' confidence in AI technologies has been revealed in the Inside the Mind of a Hacker 2024 report, published today by Bugcrowd.
The study, which gathered insights from 1300 ethical hackers and security researchers, shows that 71% now believe AI increases the value of hacking, compared to just 21% in 2023.
This significant shift highlights the growing role of AI within the hacking community, both as a tool and as a potential risk.
Generative AI tools have also seen increased use among hackers, with 77% of respondents reporting adoption, up from 64% in 2023.
Human Ingenuity vs. AI Capabilities
However, despite the rise in AI use (incidentally not so widespread among European firms), hackers remain confident in their ability to outperform AI.
Only 22% believe AI outmatches human hackers and just 30% think AI can replicate human creativity. This suggests that while AI may enhance specific capabilities, human ingenuity is still crucial to uncovering the most complex vulnerabilities.
Key findings from the report include:
- 93% of hackers agree that companies adopting AI have created new attack vectors
- 86% believe AI has fundamentally changed their hacking strategies
- 82% feel the AI threat landscape is evolving too fast for adequate security
- 73% remain confident in their ability to identify vulnerabilities in AI-powered apps
"AI-assisted attacks are now commonplace in BEC, phishing and social engineering," commented SlashNext CEO Patrick Harr.
"We anticipate that it will become more prevalent in Malware and Large Language Model (LLM) poisoning and model injection."
Read more : New ConfusedPilot Attack Targets AI Systems with Data Poisoning
The Evolving Landscape of Cybersecurity Careers
The report also highlighted that hacking has become a viable career path, particularly for younger individuals. A substantial 88% of respondents were between the ages of 18 and 34, with many pursuing hacking full-time.
Most hackers reported learning their skills independently, using online resources, self-study or trial and error, rather than formal education.
"As AI automates more tasks in cybersecurity, the role of cybersecurity professionals will evolve, as opposed to becoming a commodity," explained Pathlock CEO Piyush Pandey.
"Talented cybersecurity pros with a growth mindset will become increasingly valuable as they provide the practical insights to guide AI's deployment internally."