Regulating AI to combat tech-crimes: fighting the misuse of generative AI for cyber attacks and digital offenses

Looking back at the progress made in cybersecurity regulation in the EU, significant accomplishments have been achieved. Looking to the future, this paper argues that further milestones in cybersecurity regulation could be attained through comprehensive integration with diverse legal frameworks related to ICT technologies, and in particular by combating the proliferation and misuse of tools that have the potential to facilitate cyberattacks and cybercrime. Within this framework, the present research is primarily focused on Generative AI and the need to prevent its malicious use for cyber-attacks and cybercrime: alongside the criminal prosecution of cybercrime and the established “protective” legal framework of cybersecurity regulation, the forward-looking perspective should also encompass a complementary strategy for mitigating cyber risks and cyber threats related to Generative AI, in the evolving landscape of cybersecurity.