Crowdsourced cybersecurity startup Bugcrowd Inc. has today released a new report that found hackers are more skeptical than Silicon Valley investors when it comes to artificial intelligence.

Bugcrowd’s annual Inside the Mind of a Hacker report found that more than half of respondents, 55%, said that AI could already outperform hackers or will be able to do so within the next five years. However, hackers aren’t worried about being replaced, with nearly three out of four respondents, 72%, saying that generative AI will not be able to replicate the creativity of hackers.

Like the broader population, hackers are increasingly using AI. Half of those polled said they’re now using AI to automate tasks, 48% said they were using AI to analyze data and 36% were using AI to identify vulnerabilities. Validating findings, at 35%, and conducting reconnaissance, at 33%, rounded out the top five responses. Almost two-thirds said they believed that generative AI technologies have increased the value of ethical hacking and security research.

Confirming stereotypes around hackers being young, 57% of hackers were Gen Z aged 18-24, while a further 28% were millennials aged 25-34. No surprise, 96% of respondents were male and 4% were female. The vast majority of respondents, 82%, engage in hacking part-time or consider it a side hustle.

The motivations for ethical hacking varied among respondents, with personal development (28%), financial gain (24%) and excitement (14%) among the top reasons. An overwhelming 87% of respondents prioritize reporting a vulnerability over making money from it.

Interestingly, only 24% of hackers gained their skills through academic or professional courses. The majority are self-taught (71%), using online resources (84%), trial-and-error (40%), and guidance from friends and mentors (34%).

Other interesting takeaways from the report include that more than half of the respondents have refrained from reporting vulnerabilities because of unclear reporting pathways or potential legal repercussions.

“This report is a powerful endorsement of the fact that given the complexity and rapid expansion in the size of an organizations attack surface that automation and AI are required to keep ahead of cybercriminals and state-sponsored threat actors,” Mike Heredia, a vice president at hybrid cloud security provider XM Cyber Ltd., told SiliconANGLE. “With 94% of ethical hackers confirming that they will start to use AI in the future, our view is that this needs to happen now as a reaction to the highly evolved cybercrime industry that already uses automation at scale to penetrate organizations.”

Craig Jones, vice president of security operations at managed detection and response provider Ontinue Inc., pointed to one particular finding in the report that nearly all hackers have used ChatGPT as their go-to chatbot, followed by Google Bard and Bing Chat AI.

“These chatbots prove invaluable in assisting hackers during their security research, offering automated and efficient support,” Jones explained, “But AI chatbots are just the tip of the iceberg when it comes to AI’s influence on hacking. Hackers are eager early adopters of technologies, continuously exploring new possibilities to expand their skill sets and improve their efficacy.”

Image: Bing Image Creator