Cybersecurity Awareness Month Week 2

Welcome to week 2 of cybersecurity awareness month, today’s topic will be discussing AI technology.

When interacting with any AI tool such as ChatGPT, draw AI, or even Alexa and Google Assistant keep in mind the following points:

1. Be mindful of the information that you provide as that information can be retained for any number of years.

• The link below provides an example of how sharing too much information can be leaked to others using Chat GPT.
• https://www.malwarebytes.com/blog/news/2023/03/chatgpt-reveals-chat-history-of-other-users

2. Review the privacy policy of any AI tool that you intend to use to provide you with insight into how the developers of the AI tool plan to use your data. Additionally, ensure that the tool you are using follows a “responsible AI” approach see the link below for examples:

• https://ai.google/responsibility/responsible-ai-practices/
• https://www.techtarget.com/searchenterpriseai/definition/responsible-AI

3. AI is extremely useful in providing the information needed for any situation, but becoming too reliant on AI can make you susceptible to fabricated, false information, or plagiarism. Use AI as a brainstorming tool or for inspiration as opposed to copying everything it gives you.

• See the link below on how to approach AI for educators and students –
• https://edudownloads.azureedge.net/msdownloads/Getting-Started-with-AI-for-Educators-Ethan-and-Lilach-Mollick.pdf

Not only is AI used for the answers to questions we always have but it has been seen used by malicious actors to give them a better edge in creating phishing and malicious attacks against organizations that are more effective than before. Ensure that the following measures are implemented can protect your account from AI-assisted phishing, impersonation, and other malicious attacks:

• Ensure that all your account passwords are unique and have not been used on another account.
• Your passwords are at a minimum of 12 characters.
• MFA is enabled on all your accounts if possible.
• Never provide your password to anyone, even if it is someone you trust or your IT department.
• Be on the lookout for phishing or suspicious activity and report them to your security office right away.
• See the link below to learn more about how AI is changing phishing attempts.
• https://www.microsoft.com/en-us/microsoft-365-life-hacks/privacy-and-safety/how-ai-changing-phishing-scams#:~:text=When%20you%20combine%20spear%20phishing,highly%20targeted%20spear%20phishing%20attack.

Keep in mind that this is not an exhaustive list, there is an abundance of information that can be gathered from AI.