Bugcrowd, a leading crowdsourced cybersecurity startup, has recently released it’s annual “Inside the Mind of a Hacker” report, revealing interesting insights into the perception of artificial intelligence (AI) among hackers. Surprisingly, the report highlights that hackers are more skeptical than Silicon Valley investors about AI’s capabilities in ethical hacking, despite the growing adoption of AI in their practices.
Hackers doubt AI’s superiority
According to Bugcrowd’s report, over 55% of respondents believe that AI can outperform hackers or will be able to do so within the next five years. However, most hackers (72%) are not concerned about being replaced, as they believe generative AI lacks the creativity necessary to replicate their skills. This skepticism suggests that hackers recognize the unique problem-solving abilities and ingenuity that human hackers possess, which they believe AI lacks.
Increased adoption of AI by hackers
Contrary to their doubts about AI’s abilities, hackers increasingly embrace AI in their work. The report reveals that 50% of those surveyed currently use AI to automate tasks, 48% utilize AI for data analysis, and 36% employ AI to identify vulnerabilities. The top five AI applications among hackers include validating findings (35%) and conducting reconnaissance (33%). Furthermore, nearly two-thirds of the respondents believe that generative AI technologies have enhanced the value of ethical hacking and security research.
The report confirms stereotypes about hackers being predominantly young, with 57% falling into the Gen Z age group (18-24 years) and an additional 28% being millennials (25-34 years). The survey respondents were predominantly male (96%) and engaged in hacking part-time or as a side hustle (82%). The motivations for ethical hacking varied among respondents, with personal development (28%), financial gain (24%), and excitement (14%) being the top reasons. Notably, an overwhelming majority (87%) of hackers prioritize reporting vulnerabilities rather than exploiting them for financial gain.
Interestingly, only 24% of the hackers acquired their skills through academic or professional courses. The majority (71%) are self-taught, relying on online resources (84%), trial-and-error (40%), and guidance from friends and mentors (34%) to develop their hacking skills. This finding highlights the resourcefulness and adaptability of hackers in acquiring the necessary knowledge and expertise.
Challenges and opportunities
Bugcrowd’s report highlights that over half of the respondents refrained from reporting vulnerabilities due to unclear reporting pathways or potential legal repercussions. This finding underscores the need for organizations to establish clear and accessible channels for vulnerability reporting, thereby fostering a collaborative and transparent cybersecurity ecosystem. The report also emphasizes the hackers’ preference for AI-powered chatbots, with ChatGPT being the most widely used, followed by Google Bard and Bing Chat AI. Hackers find these AI chatbots invaluable for assisting security research, showcasing their willingness to adopt emerging technologies to enhance their efficacy.
Bugcrowd’s “Inside the Mind of a Hacker” report sheds light on hackers’ attitudes towards AI in cybersecurity. While hackers acknowledge the potential of AI to outperform them, they maintain that AI lacks the creativity necessary to replicate their unique problem-solving abilities. Nevertheless, hackers increasingly leverage AI tools and automation to enhance their work, including automating tasks, analyzing data, and identifying vulnerabilities. As the cybersecurity landscape evolves, organizations should embrace AI technologies to stay ahead of cybercriminals while providing clear pathways for vulnerability reporting to foster collaboration and transparency in the industry.