Kevin BeaumontOct 29
The management at my org is thankfully very good and gets it, but if you are struggling to explain to your management as to why they should stop sucking the GenAI marketing juice and chasing the AI laser pointer like a cat and instead do foundational security, explain it a way they'll understand: AI.
Show threadKevin BeaumontOct 29

Also, if your management has seen the widely reported "80% of Ransomware Attacks are AI-Driven" headline published by MIT, it was paid for by a vendor.

The paper is absolutely ridiculous. It describes almost every major ransomware group as using AI - without any evidence (it's also not true, I monitor many of them). It even talks about Emotet (which hasn't existed for many years) as being AI driven.

It cites things like CISA reports for GenAI usage.. but CISA never said AI anywhere.

Show threadKevin BeaumontOct 29

The PDF is here and is absolutely crackers, MIT should be ashamed of themselves for letting this out the door.

https://cams.mit.edu/wp-content/uploads/Safe-CAMS-MIT-Article-Final-4-7-2025-Working-Paper.pdf

No, REvil don't use AI to set ransom demands, CISA never said that, none of the sources cited said that, and they were running before the GenAI craze. It's just absolute nonsense, every page is.

Show threadKevin BeaumontOct 29
If you want to know why MIT are working with Safe Security and what Safe Security are doing... they sell an AI product which they say is developed with MIT to solve the report they made up, after receiving 8 figures in VC funding.
Show threadtripleman, a 🇨🇦 in 🇩🇪
@GossiTheDog I was going to snarkily ask ‘did AI write the paper?’ but the answer is obviously yes.
Oct 29 at 4:31pmIvory for iOS