Story image

The weaponisation of AI: how to defend against machine generated cyber attacks

26 Jun 2018

Article written by Neustar senior VP, technologist and fellow Rodney Joffe 

Over the past couple of years, Artificial Intelligence (AI) and machine learning have progressed unchecked to remarkably sophisticated levels with their unprecedented growth also leading to the development of many beneficial applications. Applications ranging from virtual assistants, like Alexa and Siri, to advanced data analytics and autonomous vehicles are just some ways in which both AI and machine learning has seamlessly evolved and integrated into our everyday lives.

According to the Malicious Use of Artificial Intelligence report, the ‘weaponisation’ of AI was predicted to be one of the biggest cybersecurity threats of 2018. The report - contributed to by 26 authors from 14 different institutions including academia, civil societies and industries - believes that while hackers will definitely exploit machine learning for malicious purposes, this development means that they now have to ability to target much larger organisations and cause extensive widespread damage.

AI: The new weapon of choice?

Unlike more ‘traditional’ forms of malware, AI has proven to be the ideal tool for conducting DDoS attacks. AI is easily scalable, extremely efficient and capable of making automated decisions, such as who, what, when, where and how to attack a network. In fact, in many cases, AI is actually capable of better decision making and efficiency than humans.

It has the capacity to create personalised phishing attacks by collecting and analysing information on their preferred targets from publicly available sources including a person’s or businesses online presence, such as their Facebook or LinkedIn profiles.

As AI continues to learn, and attacks become more complex, how can IT managers safeguard their companies from ongoing threats?

Defending against the rise of the machines

The rise of machine-generated attacks may be cause for concern, however, there are processes that can be implemented to prevent organisations from falling prey to these attacks. The first step is to make sure that appropriate measures are in place, which may include patch and threat management systems, as well as identification and encryption of vulnerable data to suit organisational circumstances.

While these systems are an important piece of the puzzle, the most vital part of protecting your network is being proactive about network security. How is this achieved? By ensuring that your organisation has the capability to rapidly change course when necessary, just as AI can.

Once all of these controls have been implemented it is extremely important to clearly define what your organisation requires in terms of processes and procedures.  Many believe that implementing DDoS mitigation technology as a stand-alone defence system is sufficient, however, this is simply not the case.

Even in a best-case scenario the most advanced mitigation solutions in the world are only as good as the processes that are in place to support it. Mitigation software is not a standalone answer.

It is essential that all IT managers have a concrete understanding and a deep knowledge of what is normal for their systems. This can be a massive challenge and is why having a very clear understanding of your company’s assets and how they communicate and interact with one another can provide unmatched value.

When processes are firmly ingrained, it then becomes less challenging for organisations to easily identify, quarantine and investigating events that are not considered the norm.

While many organisational leaders aim to make this a quarterly process this is not frequent enough to stay on top of potential discrepancies. Instead, making strict security and governance a daily process better ensures that they can completely safeguard themselves against potential attacks.

As the mainstream adoption and acceptance of AI continues to grow rapidly, cybercriminals will continue to adapt and find new opportunities to create chaos within an organisation. However, much like self-learn technology, which continues to grow smarter and better – as it is designed to do – organisations and their IT managers must also learn how to continuously adapt and improve their proactive defence.

This can be done by making sure that they have a crystal clear understanding of their networks. By ensuring that they have a solid understanding they can be confident in their ability to internally detect any anomalies and are well prepared to protect their organisations against even the most unpredictable AI attacks.

Why SD-WAN is key for expanding businesses - SonicWall
One cost every organisation cannot compromise on is reliable and quick internet connection.
New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.