We’re in an escalating world war without end

- By Chris Wood, Chief Investment Strategist at RiskHedge

Whether most folks recognize it or not, we’re currently engaged in an escalating world war without end.

It’s nation vs. nation. Nation vs. business. Business vs. business. Nations and businesses vs. private citizens. And private citizens vs. each other.

This war is not being fought on land, at sea, or in the air. It’s being waged in cyberspace with AI.

And we’re all in the middle of it… at all times.

Today, the internet and the World Wide Web link almost everyone and everything. With the click of a button, you can video chat with your colleague overseas on your laptop… deposit a check into your bank account with your tablet… or buy a car from your smartphone.

A fridge can even send you an alert when you’re running low on milk and eggs.

This interconnectedness has unlocked enormous value. It gives us unprecedented access to information and extraordinary convenience. But it’s also made us much more vulnerable to bad guys.

Thieves can rob your identity or empty your bank account from the comfort of their couches. Governments can easily spy on and censor citizens. And businesses can covertly steal competitors’ trade secrets.

I recently opened a letter from healthcare payment management provider Change Healthcare informing me that cybercriminals breached their systems and may have stolen my health, billing, and personal data.

Cybersecurity Ventures expects cybercrimes like this to cost the global economy a whopping $10.5 trillion next year alone. That’s equal to 2.5X the annual GDP of Japan, which is the third-largest economy in the world.

And with each new day comes a new threat.

Cybercriminals are taking advantage of the fact that enterprise information technology (IT) environments are becoming more complex.

Today, more and more folks work remotely from multiple devices like smartphones, tablets, and laptops.

Many of these devices are owned by employees and not managed by their organization’s IT department. And each year, workers need access to more applications and more open, interconnected networks to be productive.

IT departments today can’t keep up with the number of devices and systems that employees use… let alone protect each one against the growing number of security vulnerabilities.

Meanwhile, as organizations migrate more to the cloud—where critical data and applications are hosted on external servers outside of traditional network boundaries (and traditional perimeter-based defenses)—things only get more complicated and vulnerable.

Cybercriminals are also taking advantage of all the new tools available to them.

See, only sophisticated hackers used to be able to launch dangerous cyberattacks. Now, so-called “script kiddies” with no computer science background can buy cheap, effective, easy-to-use malware on the Dark Web—hidden sites that can’t be found through common search engines or browsers—to wreak havoc.

Vibrant markets on the Dark Web also allow cybercriminals to make more money off stolen personal information and corporate data than ever before.

Meanwhile, the emergence of “Dark AI” has made things even easier for bad guys… and scarier for the rest of us.

Dark AI refers to the application of artificial intelligence—most notably the recent innovations in generative AI (GenAI)—to supercharge cyberattacks. It has all the abilities of the AIs we use every day to improve efficiency, enhance decision-making, and automate tasks… without any built-in ethical guidelines or safety measures.

Dark AI can evolve and adapt, making new threats harder to detect and counteract. It also brings the ability to automate complex cyberattacks at scale, which poses a substantial risk to organizations everywhere.

FraudGPT is a real-world example of Dark AI. It’s a GenAI tool like ChatGPT but designed by and for cybercriminals and sold on the Dark Web. It allows these bad actors to easily write malicious code, find vulnerabilities in target systems, and create undetectable malware, phishing pages, and other hacking tools.

Cybersecurity researchers at Netenrich discovered FraudGPT in July of 2023. They said the advertisement for it on the Dark Web included a video of the tool at work.

In the ad, the user simply types “write me a working code for a Bank of America scam page,” and the tool spits out a perfectly constructed and coded “phishing” email.

As you may know, phishing is an extremely popular social engineering technique used by cybercriminals to steal data and infiltrate networks. These are fake communications that appear legit.

Victims are tricked into providing sensitive information like passwords or financial details on a scam website… or downloading an attachment or clicking a link that installs malware on their systems.

Emails like these are among the most common cyberattacks today. And they’re the costliest for businesses.

Dark AI poses the biggest threat to corporate networks and personal data security we’ve ever seen.

The good news is that we can use AI-powered cybersecurity solutions to fight Dark AI.

AI-powered cybersecurity can analyze enormous amounts of historical data in no time to forecast Dark AI threats. It can analyze and learn the behavior patterns of employees—like who emails who about what—to sniff out malicious communications. And it can even create simulated attack scenarios for proactive defenses.

The only thing that can match the sophistication and speed of Dark AI threats is AI-powered cybersecurity.

Bottom line: Most investment trends fade. Cybersecurity can’t. It’s become a “forever growth” market ripe with opportunities for growth investors.

I recommend “building your own ETF” with 3-4 high quality cyber names. This way you’re not exposed to junk like what’s in the typical ETFs... and you’re still spreading your risk around while concentrating on a select few high-conviction names. _____________________________

Chris Wood is Chief Investment Strategist at RiskHedge. To get more ideas like this from him, check out his substack Grow or Die.