Attackers are using AI to compromise our systems – but we can use AI to defend ourselves too!

Posted on by Anna

We often hear of hackers and fraudsters using AI against us, for example, by typing a couple of prompts as it is all too easy for low skilled attackers to produce perfectly worded phishing emails designed to make us want to click on links and download malicious files, writes Managing Director Tony Wilson.

Attackers can easily tap into a wealth of knowledge in an attempt to compromise our systems

It’s not all one-way traffic through, as AI can also be a fantastic tool for us to defend ourselves, especially if we aren’t tech savvy.

For example, typing the following prompt into X.com’s AI offering, Grok: “How can I ensure my BT homehub is setup securely?”, returned the following reply (of which only a small part has been reproduced):

To ensure your BT Home Hub (e.g., Smart Hub 2, Home Hub 4, or 5) is set up securely in 2025, follow these steps based on BT’s guidelines and current cybersecurity best practices:

  • Access Admin Settings: Connect to your Hub, open a browser, and enter 192.168.1.254. Log in using the admin password (printed on the Hub’s label if unchanged).
  • Change Default Admin Password: In the Hub Manager, go to “Advanced Settings” > “System” > “Change Password.” Set a strong, unique password (12+ characters, mixing letters, numbers, symbols) to prevent unauthorized access.
  • Update Firmware: Navigate to “Advanced Settings” > “Firmware Update.” Check for updates and enable automatic updates to patch vulnerabilities, as outdated firmware was exploited in 2024 router attacks.
  • Secure Wi-Fi:
    • Rename SSID: Change the default Wi-Fi name (e.g., “BTHub6-XXXX”) in “Wireless” settings to something unique, avoiding identifiable details.
    • Set Encryption: Ensure WPA3 (or WPA2 if unavailable) is selected under “Wireless” > “Security.” Avoid WEP.
    • Strong Wi-Fi Password: Set a complex Wi-Fi password (12+ characters) in the “Wireless” settings.

Pretty good advice. Now all we need to do is follow the advice and keep asking how we can best defend ourselves against other threats.

Of course, not everything AI produces is perfect, for example, the National Cyber Security Centre (NCSC) would prefer us to use three random words as passcodes, but on the whole, it does seem to make good solid suggestions for improving basic security.

Cyber Essentials Certification is also recommended to protect your business systems. Find out more here.