Strengthening Security Awareness in the Era of Artificial Intelligence-Based Cyber Threats

Abstract

Artificial intelligence (AI) is developing rapidly and is increasingly being applied in various fields, including cybersecurity. However, this development also introduces new, more sophisticated threats that are difficult to detect. AI-based cyber threats, including adaptive malware, highly personalized phishing, deepfakes for identity manipulation, adaptive distributed denial of service (DDoS) attacks, and automated ransomware, are projected to escalate by 2025. These threats' complexity requires a security approach that relies not only on technology but also on human awareness as the first line of defense. In Indonesia, the 2024 Cybersecurity Landscape Report, published by the National Cyber and Crypto Agency (BSSN), shows that public and institutional awareness of information security is still relatively low. This study presents a systematic literature review of 30 articles to examine how security awareness is being strengthened in the context of AI-based cyber threats. The review identified six main categories of AI enabled threats social engineering and phishing, content manipulation and impersonation, malware and ransomware, attacks against machine learning models, service disruption, and automated AI-orchestrated attacks. In parallel, seven categories of awareness strategies were synthesized: education and training programs, gamification and simulation-based learning, policy and governance support, technical and system-level controls, collaboration and multi-stakeholder engagement, legal and ethical frameworks, and psychological or human-centric approaches. The findings highlight that strengthening security awareness requires an integrated and multidimensional approach that bridges technological, organizational, regulatory, and human-centered efforts.