Story image

The weaponisation of AI: how to defend against machine generated cyber attacks

26 Jun 18

Article written by Neustar senior VP, technologist and fellow Rodney Joffe 

Over the past couple of years, Artificial Intelligence (AI) and machine learning have progressed unchecked to remarkably sophisticated levels with their unprecedented growth also leading to the development of many beneficial applications. Applications ranging from virtual assistants, like Alexa and Siri, to advanced data analytics and autonomous vehicles are just some ways in which both AI and machine learning has seamlessly evolved and integrated into our everyday lives.

According to the Malicious Use of Artificial Intelligence report, the ‘weaponisation’ of AI was predicted to be one of the biggest cybersecurity threats of 2018. The report - contributed to by 26 authors from 14 different institutions including academia, civil societies and industries - believes that while hackers will definitely exploit machine learning for malicious purposes, this development means that they now have to ability to target much larger organisations and cause extensive widespread damage.

AI: The new weapon of choice?

Unlike more ‘traditional’ forms of malware, AI has proven to be the ideal tool for conducting DDoS attacks. AI is easily scalable, extremely efficient and capable of making automated decisions, such as who, what, when, where and how to attack a network. In fact, in many cases, AI is actually capable of better decision making and efficiency than humans.

It has the capacity to create personalised phishing attacks by collecting and analysing information on their preferred targets from publicly available sources including a person’s or businesses online presence, such as their Facebook or LinkedIn profiles.

As AI continues to learn, and attacks become more complex, how can IT managers safeguard their companies from ongoing threats?

Defending against the rise of the machines

The rise of machine-generated attacks may be cause for concern, however, there are processes that can be implemented to prevent organisations from falling prey to these attacks. The first step is to make sure that appropriate measures are in place, which may include patch and threat management systems, as well as identification and encryption of vulnerable data to suit organisational circumstances.

While these systems are an important piece of the puzzle, the most vital part of protecting your network is being proactive about network security. How is this achieved? By ensuring that your organisation has the capability to rapidly change course when necessary, just as AI can.

Once all of these controls have been implemented it is extremely important to clearly define what your organisation requires in terms of processes and procedures.  Many believe that implementing DDoS mitigation technology as a stand-alone defence system is sufficient, however, this is simply not the case.

Even in a best-case scenario the most advanced mitigation solutions in the world are only as good as the processes that are in place to support it. Mitigation software is not a standalone answer.

It is essential that all IT managers have a concrete understanding and a deep knowledge of what is normal for their systems. This can be a massive challenge and is why having a very clear understanding of your company’s assets and how they communicate and interact with one another can provide unmatched value.

When processes are firmly ingrained, it then becomes less challenging for organisations to easily identify, quarantine and investigating events that are not considered the norm.

While many organisational leaders aim to make this a quarterly process this is not frequent enough to stay on top of potential discrepancies. Instead, making strict security and governance a daily process better ensures that they can completely safeguard themselves against potential attacks.

As the mainstream adoption and acceptance of AI continues to grow rapidly, cybercriminals will continue to adapt and find new opportunities to create chaos within an organisation. However, much like self-learn technology, which continues to grow smarter and better – as it is designed to do – organisations and their IT managers must also learn how to continuously adapt and improve their proactive defence.

This can be done by making sure that they have a crystal clear understanding of their networks. By ensuring that they have a solid understanding they can be confident in their ability to internally detect any anomalies and are well prepared to protect their organisations against even the most unpredictable AI attacks.

Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.
Gartner names Proofpoint Leader in enterprise information archiving
The report provides a detailed overview of the enterprise information archiving market and evaluates vendors based on completeness of vision and ability to execute.
Tensions on the rise after Huawei CFO arrest
“Recently our corporate CFO, Meng Wanzhou, was provisionally detained by the Canadian authorities on behalf of the United States of America."