Generative AI, Retrieval-Augmented Generation (RAG) and Agentic AI in Offensive Cyber Operations
In this talk, we begin with taking stock of how Generative AI (GenAI) has influenced the conduct of offensive cyber operations, primarily improving the adversary’s operational effectiveness. With Aquatic Panda (aka Charcoal Typhoon), a prolific China-nexus adversary as the frame of reference, we will discuss how the current state of GenAI can improve the adversary’s tactics, techniques, and procedures (TTPs).
Following then, we will look into how Retrieval-Augmented Generation (RAG) can be applied to generate novel TTPs that would materially enhance an adversary’s offensive capabilities. We will conclude the discourse with a brief prognosis of the impact that Agentic AI could have on offensive cyber operations, particularly in the areas of autonomous operations, agent specialisation, and false flag operations.
Aaron Aubrey Ng – Stanford University
Aaron is a Senior Systems Engineer at CrowdStrike where he advises customers on their security needs and solutions. He is based in Dubai and supports the CrowdStrike business across the Middle East, Turkey, and Africa (META) region. As a security and intelligence evangelist. Aaron speaks at various security conferences including BlackHat MEA, DeepINTEL, MENA ISC, GovWare, RootCon, AVAR, BSides, SINCON, and StandCon.
Prior to joining industry, Aaron served 12 years of Active Duty in the Singapore Armed Forces as a Military Intelligence Officer. He served in multiple command appointments in classified Intelligence units, and garnered staff experience in the areas of strategic planning and policy development. In his penultimate tour of duty, Aaron was instrumental in developing the masterplan for the Digital and Intelligence Service (DIS), the digital service branch of the SAF.
Outside of work, Aaron contributes to cybersecurity research and education. He collaborates with the Stanford Gordian Knot Center for National Security Innovation on research covering China’s cyber capabilities. Aaron is also serving as an Adjunct Faculty member at the Faculty of Computer Information Science at the Higher Colleges of Technology (HCT) in the UAE, and is currently undergoing the Instructor Development Program with the SANS Institute.