AI vs AI: How cybersecurity pros can use criminals’ tools against them

For a while now, AI has played a part in cybersecurity. Now, agentic AI is taking center stage. Based on pre-programmed plans and objectives, agentic AI can make choices which optimize results without a need for developer intervention.

As agentic AI can be programmed for various tasks, AI agents are set to create a labor revolution, from manufacturing to customer service. However, this comes at a cost, as they can also be programmed to conduct fraudulent activities, such as advanced social engineering attacks utilizing social media data and deepfakes for highly personalized phishing schemes. Because of this, Gartner warns that within two years AI agents will accelerate how long it takes to take over exposed accounts by 50%.

But AI tools also have the potential to become agents for good. Cybersecurity experts in the UK have developed a chatbot named Daisy to act as the perfect phone fraud victim who wastes scammers’ time by keeping them on the phone. This unexpected approach shows that even when we cannot catch the threat actors, we can direct their time and energy to futile causes like talking to Daisy, thus reducing their ability to hurt others.

It is easy to then imagine a situation where this is adapted to organizational settings to waste the time of more sophisticated attackers. Especially as AI systems can be built to block suspicious activity, analyze real-time threats on their own, and research the cyber threat landscape to make recommendations for network security improvements.

Proxies and their role in cyber defenses

Proxy servers act as intermediaries between the device making requests and the responding server. They provide an additional layer when receiving requests, so that the request is rerouted and verified before reaching its intended destination. A proxy provides users with a different IP address when sending requests so that the server does not know your real one, adding further anonymity.

Proxies have been used on both sides of the cybersecurity battle: Proxy networks can be used as botnets for scams and DDoS attacks, but they also help to defend against such attacks and help cybersecurity measures to function more effectively. For example, in sandboxing, proxies direct suspicious emails to sandbox servers where they can be inspected without having to contact the internal network.

Proxies also turn online anonymity against threat actors. By using proxies, cybersecurity specialists can stay anonymous when collecting open-source intelligence from otherwise hard-to-access online hacker forums. Therefore, when paired with AI solutions, a whole network of trustworthy proxies can collect data on a large scale.

Fortifying the digital frontline by combining forces

AI and proxies are strong weapons for both good and bad. However, combined, their forces give a strong advantage to one side, making them a crucial weapon for the cybersecurity community.

Solutions currently in use include web monitoring technologies that can detect vulnerabilities and identify emerging threats. AI-powered and proxy-supported infrastructures allow such data to be gathered on a large scale without being blocked by hackers who gatekeep forums, blogs, and marketplaces where crucial threat data can be found. By using proxies in this process, cybersecurity firms and specialists avoid exposing their own information to attackers. Meanwhile, AI plays a role by helping to navigate the measures put in place by hackers to stop such web scraping activity.

Proxies are also used in tandem with AI to scan billions of URLs every day to identify potential threats. For example, they play a key role in detecting and stopping drive-by-downloads. However, when AI-powered tools access these websites via a proxy server, they find the threat without downloading it and can block its contact with the company network ahead of time.

Happily, the continued development of agentic AI systems promises even greater possibilities for proxy-supported threat detection and network defense. AI agents created specifically for this purpose with the support of vast proxy infrastructures will be able to scan the web on their own and determine the best approaches ahead of threat actors. Such agents will be able to manage many interactions with scammers with minimal human oversight, learning and adapting so that they always check suspicious links, emails, and other online attack vectors.

Eventually, AI agents will neutralize social engineering attacks by removing their human link, just like with Daisy, the sweet old AI timewaster.

Weighing up the good and bad

While cybersecurity experts acknowledge the dangers of agentic AI, there is plenty of room for the technology to be developed for good, as we can already see in AI-powered tools for cybersecurity and intelligence gathering. Additionally, cybersecurity professionals can build and use vast legally sourced proxy infrastructures without having to hide in the shadows because it is done for the right reasons. This provides organizations a huge advantage over cyber criminals.

Despite always needing to progress with caution, the improvement of technology should also excite the cybersecurity industry. A “whatever they can do, we can do better” attitude makes cybersecurity professionals well-positioned to use emerging AI agents and well-established proxy technology to their advantage.