AI/Machine Learning (ML) software has the ability to “learn” from the consequences of past events in order to help predict and identify cybersecurity threats. According to a report by Webroot, AI is used by approximately 87% of US cybersecurity professionals.
For example, AI can be used to automate the collection of certain information — perhaps relating to a specific organization — which may be sourced from support forums, code repositories, social media platforms and more. Additionally, AI may be able to assist hackers when it comes to cracking passwords by narrowing down the number of probable passwords based on geography, demographics and other such factors.
More Sandbox-Evading Malware
In recent years, sandboxing technology has become an increasingly popular method for detecting and preventing malware infections. However, cyber-criminals are finding more ways to evade this technology. For example, new strains of malware are able to recognize when they are inside a sandbox, and wait until they are outside the sandbox before executing the malicious code.
Ransomware and IoT
We should be very careful not to underestimate the potential damage IoT ransomware could cause. For example, hackers may choose to target critical systems such as power grids. Should the victim fail to the pay the ransom within a short period of time, the attackers may choose to shut down the grid. Alternatively, they may choose to target factory lines, smart cars and home appliances such as smart fridges, smart ovens and mor
This fear was realized with a massive distributed denial of service attack that crippled the servers of services like Twitter, NetFlix , NYTimes, and PayPal across the U.S. on October 21st , 2016. It’s the result of an immense assault that involved millions of Internet addresses and malicious software, according to #Dyn, the prime victim of that attack. “One source of the traffic for the attacks was devices infected by the Mirai botnet”.Preliminary indications suggest that countless Internet of Things (IoT) devices that power everyday technology like closed-circuit cameras and smart-home devices were hijacked by the malware, and used against the servers.
A Rise of State-Sponsored Attacks
The rise of nation state cyber-attacks is perhaps one of the most concerning areas of cyber-security. Such attacks are usually politically motivated, and go beyond financial gain. Instead, they are typically designed to acquire intelligence that can be used to obstruct the objectives of a given political entity.
They may also be used to target electronic voting systems in order to manipulate public opinion in some way.As you would expect, state-sponsored attacks are targeted, sophisticated, well-funded and have the potential to be incredibly disruptive. The countries most notorious for unleashing such attacks include; China, Russia, Iran, Israel, North Korea, and the United States.
Of course, given the level of expertise and finance that is behind these attacks, they may prove very difficult to protect against. Governments must ensure that their internal networks are isolated from the internet, and ensure that extensive security checks are carried out on all staff members. Likewise, staff will need to be sufficiently trained to spot potential attacks.
Shortage of Skilled Staff
By practically every measure, cybersecurity threats are growing more numerous and sophisticated each passing day, a state of affairs that doesn’t bode well for an IT industry struggling with a security skills shortage. With less security talent to go around, there’s a growing concern that businesses will lack the expertise to thwart network attacks and prevent data breaches in the years ahead.
A modern enterprise has just too many IT systems, spread across geographies. Manual tracking of the health of these systems, even when they operate in a highly integrated manner, poses massive challenges. For most businesses, the only practical method of embracing advanced (and expensive) cybersecurity technologies is to prioritize their IT systems and cover those that they deem critical for business continuity. Currently, cybersecurity is reactive. That is to say that in most cases, it helps alert IT staff about data breaches, identity theft, suspicious applications, and suspicious activities.
The Future of Security and AI
In the security world AI has a very clear-cut potential for good. The industry is notoriously unbalanced, with the bad actors getting to pick from thousands of vulnerabilities to launch their attacks, along with deploying an ever-increasing arsenal of tools to evade detection once they have breached a system. While they only have to be successful once, the security experts tasked with defending a system have to stop every attack, every time.
With the advanced resources, intelligence and motivation to complete an attack found in high level attacks, and the sheer number of attacks happening every day, victory eventually becomes impossible for the defenders.
The analytical speed and power of our dream security AI would be able to tip these scales at last, levelling the playing field for the security practitioners who currently have to constantly defend at scale against attackers who can pick a weak spot at their leisure. Instead, even the well-planned and concealed attacks could be quickly found and defeated.
Of course, such a perfect security AI is some way off. Not only would this AI need to be a bona fide simulated mind that can pass the Turing Test, it would also need to be a fully trained cyber security professional, capable of replicating the decisions made by the most experienced security engineer, but on a vast scale.
Before we reach the brilliant AI seen in sci-fi, we need to go through some fairly testing stages – although these still have huge value in themselves. Some truly astounding breakthroughs are happening all the time. When it matures as a technology it will be one of the most astounding developments in history, changing the human condition in ways similar to and bigger than, electricity, flight, and the Internet, because we are in the AI-era.
Ahmed Banafa, Author the Books: