Using artificial intelligence (AI) to process data-heavy tasks such as banking increases efficiency and service quality, but it also poses new cybersecurity threats that need to be assessed and managed carefully.
That was a key message at a cross-industry conference held by the National Cybersecurity Association in Hanoi on April 7, which aims to boost collaboration between the banking sector and technology companies in walking the thin line between using AI to identify AI-enabled cyber threats and preventing cyber threats caused by AI.
In Vietnam’s financial and banking sector, AI tools are being applied in several activities such as credit assessment and scoring, fraud detection and customer support, improving efficiency and service accessibility for customers, according to Pham Tien Dung, Deputy Governor of the State Bank of Vietnam.
However, these tools are also changing the nature of cyber risks and pose significant challenges to cybersecurity.
“Attackers exploiting AI to automate processes, scale up and increase the sophistication of their attacks have made the cybersecurity environment more complex and posed greater challenges to traditional security methods,” he said.
This calls for a dual approach in the sector that, on one hand, deploys AI in a reliable and controlled manner for necessary tasks, and on the other, establishes a defence mechanism to protect these AI-powered systems from being exposed to cyber attacks, according to Dung.
“Building an AI ecosystem goes beyond just technology. It also requires data governance, risk management and cybersecurity assurance, from the initial design phase and throughout the entire operation process,” he said.
Not only the banking system, but ordinary citizens were also being exposed to more sophisticated cyber threats involving AI, said Colonel Nguyen Hong Quan, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention under the Ministry of Public Security.
“While cybercriminals previously relied primarily on traditional techniques and tools, today, with the support of AI, they are able to automate large-scale attacks with unprecedented sophistication,” he said. “Personalised scams and counterfeit products using deepfake technology are becoming increasingly difficult to identify, and malware can adapt to evade defence systems."
Another notable point is that cybercriminals are shifting from individual operations to a professional, systematic and industrialised model, significantly shortening preparation time and expanding the scope of attacks, Quan added.
“This leads to a new reality, which is that cyberspace is no longer a static environment but a dynamic battlefield, where offensive and defensive activities occur continuously and at an ever-increasing pace,” he said.
From a national security perspective, Quan said AI would present numerous strategic challenges, including the protection of data sovereignty, dependence on foreign platforms and technologies, and the need to protect AI systems themselves, which have become new targets of attack.
“In this context, enhanced cooperation among government agencies, businesses and international organisations is essential,” he said.
Speaking from the perspective of tech companies that provide AI-integrated cybersecurity solutions, Ruma Balasubramanian, President in Asia Pacific & Japan of Check Point Software, said it was of utmost importance for industry players, in both the private and public sectors, to understand that they would need to re-establish what they know about cybersecurity.
It starts with understanding exactly what system or data they are protecting, who the attackers are and what they are capable of, according to Balasubramanian.
They will also have to modernise existing security tools and reassess everything from the ground up to ensure that their organisation is not vulnerable to AI-based attacks, she added.
The final step is to adopt and leverage AI in a safe and secure way to increase cybersecurity capabilities, which industry partners such as Check Point can help with.
“Understanding what cybersecurity tools are out there that really leverage this technology is critically important as you build out your capabilities,” Ruma said.
According to research data from Check Point, in any given week in Vietnam, government databases are being attacked more than 14,000 times on average, while any given organisation faces around 5,300 attacks in the same timeframe, nearly three times the global average./.
