Keynote speaker Brian Krebs calls for more discernment on new technology such as AI, more offensive cybersecurity.

In the closing keynote at ISC2 Security Congress in Nashville and online, cybersecurity journalist Brian Krebs delivered a bleak assessment of the cybersecurity impact of artificial intelligence (AI), saying criminals were exploiting the technology while AI firms were often weak on security.

Krebs, who has charted the growth of cybercrime for over two decades, also called on defenders to take more offensive action against cyber criminals, saying it was time to stop “hoping everyone will do the right thing”.

Krebs said the security community needed to “come at some of the more stubborn security challenges that we're facing, particularly in authentication and authorization, with a much greater sense of urgency, given how AI is speeding up some of the threats that we're seeing”.

At the same time, he called for more “discernment” about the new wave of AI-based technologies, quipping that the S in AI stands for security.

Questioning the Security Foundations for AI Tools

The new generation of LLMs had been built on the use of automated systems and bots to hoover up data, he said, including copyrighted material.

Quite apart from the ethical questions around this and the hubris and lofty assumptions of many AI proponents, he said, “The constant scraping activity from all these LLMs is indistinguishable from all kinds of other malicious traffic.” These scrapers, he explained, are essentially using the same “sketchy infrastructure” that criminals use to heighten their traffic, i.e., residential proxy networks. These covered the source of “all kinds of dirtballs”, he said, “up to APT groups”.

AI companies were making their scraping activities hard to block, and they “can amount to an unintended DDoS” on sites being scraped, sapping their resources.

Within companies, managers were often unaware of the extent of AI use. He singled out the potential threat from agentic AI, which tempts users to “give some or total control over their device.”

Often, Krebs said, “Employees are giving a whole lot of trust to systems that were never designed with security in mind”.

Such services were risky, he said, with most using Model Context Protocol (MCP), an open-source standard for connecting AI models to external tools and data sources, allowing them to perform tasks and access information. The catch was that these were largely based on standalone servers with “not a whole lot of security built in.” They made assumptions and didn’t always do a good job of segregating traffic, and while many support things like OAuth, few coders actually use it.

The threats posed by agents were no longer theoretical, he said. Agents could grab and install compromised packages, or developers could be directed to compromised websites with unwanted commands in white text on white backgrounds.

Access Control Challenges

This was related to the broader problem of credential compromise, which Krebs said remains the root cause of most breaches.

When it comes to AI, the problem was made worse because, Krebs said, “A lot of companies get star struck when they look at these new AI companies”, thinking they must have advanced cybersecurity in place.

The truth was very different, he said, citing one Vietnamese developer whose systems were constantly reinfected with malware because their coders kept downloading pirated software.

He also cited the “titanic ecological costs” of AI, which made the power demands of bitcoin look like child’s play. This was having an effect beyond technology, he said, with consumers seeing ever rising energy prices and real-world businesses struggling to pay their electricity bills.

AI products could often take on the characteristics of highly processed food. “The true origins are kind of murky, might not feel great after using it and if you consume too much it might kill you”.

But Krebs also delivered thoughts on how we can do better in the face of cyber attackers, even as they exploited AI.

He called for the U.S. to follow Canada’s lead in requiring ISPs to block customers from reaching things like known command and control servers for botnets, bulletproof hosting sites, or DDoS providers.

“There needs to be a global push for more phishing-resistant authorization,” he said, adding that governments should train more law enforcement on cybercrime and combine it with other actions including continuous operations against the same or similar targets.

He said the U.S. Justice Department deserved credit for disrupting DDoS-for-hire networks.

“Every time they disrupt the apple cart, every time they bust something up, they massively disrupt the cybercrime industry,” he said.

Resurgence of the Bedroom Hacker

Closer to home, recent attacks by groups of teenagers needed to be taken far more seriously. Referring to them as “advanced persistent teenagers”, he said they were some of the most damaging groups out there.

“The feds have taken to treating some of these cybercrime groups as actual terrorist groups, because some of them are involved in organized extortion and organized sextortion”.

Five Eyes alliance (U.S., U.K., Canada, Australia, New Zealand) lawmakers “need to figure out how they can keep these underage masterminds detained if they can’t charge them federally.” Otherwise, he said, they go right back to what they’re doing.

Too many ransomware victims were still paying up, he said. “The Treasury should sanction all known ransomware groups”.

It was time to “unleash the hounds a bit more”, in the shape of offensive security. Krebs welcomed Google’s pledges to do more offensive security. Microsoft had been taking legal action against botnets, he said, noting that Google and Meta had done a few as well.

But, he continued, “I think the offensive security options can go safely beyond lawfare”.

While security professionals should “learn how to use these new disruptive and rapacious AI tools and technologies”, Krebs said, they should also learn “how to do without it”.

Krebs also gave an insight into his personal security situation while taking questions. He said, “the most important protection for me is physical security.” Around a decade ago, he continued, “A whole bunch of strange stuff turned up at my house.” This ranged from narcotics, guns and adult toys to entire SWAT teams.

He and his wife had subsequently embarked on a “radical reset”.

“Our neighbors don’t know our name,” he said. “It’s extreme. I wouldn't wish what we've done on anybody, because it's very cash intensive. It's also really easy to screw up”.
