- For cyber criminals, AI is a powerful new tool to breach information security
- And it is reality now
- Stratagems and technologies exist to fight back but...
- You can cut a head off the Hydra, but two more grow in its place
A new survey from US cyber security company Cylance reveals that 62 per cent of information security experts believe that artificial intelligence (AI) will be weaponized and used as a primary means to effect cyber attacks within the next year. Cylance, headquartered in Irvine, southern California, says that AI is a "double edged sword" in that while it can be used to slow and perhaps even prevent security breaches and cyber attacks, it also has the potential quickly to create the most advanced attacks yet seen.
The trouble is, that attacks are likely to precede solutions to deal with them - in the short-term at least. However, the report adds that automated, AI-based cyber attacks will not affect the continuing development of defensive AI that even now is being deployed to resist assaults on information systems and networks.
The new research was conducted and analysed just last week at the annual Black Hat USA symposium held in Las Vegas, Nevada, For the past 20 years the Black Hat events (which are held all over the world) been central to the dissemination and discussion of the latest news, data and scuttlebutt on trends and developments in information security. A central theme to this year's meeting was that AI is no longer a theory that might, one day, become a reality but is with us now and is proliferating.
Hence the Black Hat emphasis on the new threats networks and devices now face and how they will have to be countered by active intelligent defence measures designed proactively to minimise and even prevent the possibility and impact of such attacks. People are worried but expectations are high that the industry will be up to the task of taking on AI cyber-criminals and beating them at their own dangerous game.
Other concerns include corporate complacency and disregard of the threat
Another high risk area identified that could open up a company or a network to an AI-led incursion is that of corporate complacency leading to disregard of the possibility of cyber attacks and/or negligence on the part of organisations that could leave a network or system open to an AI-initiated attack. There is also minimal agreement on the part of companies and organisation as to which groups (be they nation states at one end of the spectrum or the common or garden nasty little cyber crook at the other) pose the biggest threat to information security.
There is agreement that the answer is to foster an atmosphere and programme of education initiatives to inform companies and organisations about the reality of cyber attacks as well as the development and deployment of technologically advanced defensive solutions.
Interestingly, infosec executives at the Black Hat gathering who were surveyed and asked about the top IT issues they been concerned about over the last three months, did not put cyber attacks at the top of their list of immediate worries but rather expressed generalised concerns about phishing (36 per cent), critical infrastructure attacks (33 per cent), IoT attacks (15 per cent), ransomware attacks (14 per cent) and botnet attacks (bottom of the list with just one per cent).
That said, asked about what they were most worried about as far as their own companies and organisations are concerned, 39 per cent of Black Hat attendees cited OS patching and updating, 24 per cent thought compliance issues were the most concerning and 18 per cent considered ransomware to be the biggest threat. Further down the list were triggering alerts (10 per cent) and and identity theft and DoS attacks at 8 per cent.
Overarching it all though is the looming threat of AI-enabled and initiated cyber attacks. More than 62 per cent of respondents said that such an event could hit them within the next 12 months, However, some 32 per cent disagreed and opined that such an attack "is not a possibility". Six per cent of respondents said they didn't know either way.
One thing people are sure about though is that despite all the publicity about the recent taking down of AlphaBay and Hansa, two dark web markets notorious for selling a range of malware viruses, 79 per cent of those who responded to the Cylance survey were of the opinion such actions, whilst very welcome, are rare, generally ineffective except in the very short term and will have no lasting impact on the frequency of cyber attacks. In ancient Greek mythology, one of the Labours of Hercules required him to behead the nine-headed Hydra but when one was lopped-off another two more immediately sprouted-up to replace it. The analogy to cyber attacks and the dark web is obvious.
Dark Hat 2017 also discussed what is likely to be the greatest cyber security threat to the US overall. Speakers and attendees alike cited cyber attacks sponsored or originated by arms of rogue nation states with Putin's Russia being regarded as the biggest problem by 34 per cent of respondents. However, close behind came organised cybercrime gangs (33 per cent) followed by China (20 per cent and North Korea (11 per cent). Iran came bottom of the list with just two per cent of respondents regarding the country as a major threat to the USA.
For its part, Cylance stresses that a combination of AI, algorithmic science, machine learning and predictive analysis applied to cyber security will be vital to preventing ever-advancing and more sophisticated security threats. What is needed is a system that easily and quickly can differentiate between the benign and the malicious and then immediately act to ameliorate hostile incursions by stopping malicious code from getting anywhere near a targeted system or network. Coupling advanced machine learning and AI to a deep appreciation of what an attacker is trying to achieve seems to be the way to go.
Email Newsletters
Sign up to receive TelecomTV's top news and videos, plus exclusive subscriber-only content direct to your inbox.