How AI is Influencing Cybersecurity
Artificial intelligence (AI) already has an enormous impact on our day-to-day lives. Amazon algorithms look at our shopping history to recommend products that we are most likely to buy, Facebook automatically identifies friends’ faces in photos and Siri automatically recognizes our voice.
These algorithms have also had a tremendous impact on cybersecurity. For example, Google’s Gmail not only detects spam with greater than 99 percent accuracy, but it also correlate spam signals with attachment and sender heuristics to predict messages containing new malware variants. Similar algorithms have improved malware detection, firewall performance and many other areas of cybersecurity.
Most cybercriminals don’t use AI right now because existing attack vectors remain effective. Obfuscation, polymorphism and encryption have been very successful in perpetuating attacks like Wannacry, which successfully infected more than 200,000 computers around the world. However, there’s little doubt that AI will power next-generation malware, especially as cybersecurity defenses become increasingly effective.
There’s little doubt that next-generation cybercrime will take advantage of AI to improve effectiveness. Let’s take a closer look at how AI influences cybersecurity, including some ways that criminals might gain an upper hand.
Better Security Solutions
There’s no doubt that artificial intelligence has improved cybersecurity.
Google’s Gmail is perhaps the best-known example of AI in action. If you sign in to a Gmail account, you will rarely come across a spam message, despite spam accounting for nearly half of all emails sent each day. That’s because the tech giant blocks billions of spam messages per day at a 99.9 percent success rate using artificial intelligence.
Microsoft has applied AI technology to improve antivirus and malware detection. Windows Defender Advanced Threat Protection (ATP) uses AI to analyze data from more than 400 million connected PCs, flag early signs of infection and quickly add virus and malware signatures to its database.
AI is also being deployed for advanced bot detection and web application firewalls given its ability to efficiently distinguish between good and bad actors. Just like email spam detection, AI can identify bot messages designed to phish for personal information, as well as alert system administrators when a network may be experiencing an attack.
More Effective Attacks
Artificial intelligence also has the potential to greatly improve the effectiveness of cyber attacks.
AI could make spear phishing attacks much more effective. By analyzing social media and compromised email accounts, cybercriminals could effectively emulate email timing and writing style to make phishing attacks much more effective. Adversarial algorithms could also be used to help write emails that evade anti-spam and anti-malware detection.
MIT researchers demonstrated that AI could also be used to enhance brute force password attacks. Leveraging billions of compromised passwords, these algorithms could improve password guessing and simplify gaining access to computer systems. The same goes for network intrusion via password exploits on networking equipment.
AI could also be used to greatly improve the effectiveness of botnets. While botnets require instructions at the moment, AI could be used to create self-learning clusters that execute attacks on their own with compromised internet-of-things (IoT) devices. This kind of automation could make attacks much more frequent and successful than traditional botnet attacks.
Download our free cybersecurity readiness audit checklist to see if you’re prepared for the next generation of cyber attacks.
New & Innovative Attacks
Artificial intelligence could even open the door to brand new attack vectors that could prove devastatingly effective.
Google’s Duplex is an AI assistant with a voice that’s designed to be indistinguishable from a human. The same technology, known as “deepfaking,” could be used to perpetrate incredibly convincing Skype or phone scams designed to steal everything from bank account information to account login details to corporate trade secrets.
New AI applications could even write and edit their own source code to improve over time. For example, Bayou uses AI to write code designed to fill in the blanks for Java programmers.
These AI applications could one day evolve to write viruses and malware based on security vulnerabilities and update itself over time to be more effective.
Protecting Your Assets
Artificial intelligence could increase the effectiveness of cybercrime over time, but there are several ways to combat it.
Don’t forget to download our free cybersecurity readiness audit checklist to see if you’re prepared for the next generation of cyber attacks.
The four most important steps to take include:
Update your defenses: Ensure that you’re leveraging the power of AI for cybersecurity defenses, including everything from malware detection in emails to smart firewalls for networks. If you’re a small business on a limited budget, Jungle Disk provides a cybersecurity suite designed to meet all of your needs in one monthly cost.
Verify everything: Two-factor authentication is the single best way to prevent unauthorized access to critical systems by adding an extra layer of security, while corporate policies can be put into place to limit information sharing without verification. Simple verification can prevent many forms of spear phishing from being effective.
Train employees: Employees should be trained to recognize phishing attempts and ask for a second opinion when necessary. You can ensure compliance by implementing random assessments to check compliance. If an incident does occur, policies should be put in place to prevent similar incidents from occurring again.
Encryption & backup: Backups can ensure that your valuable data is kept safe even in the event that it’s encrypted in a ransomware attack, while encryption can keep stolen data safe from prying eyes. That way, you can return to business as usual as quickly as possible without worrying about regulatory repercussions.
The final step is having a plan and personnel in place with cybersecurity. If a data breach or attack occurs, there shouldn’t be any guesswork as to the next steps to take. There should also be a point person that’s responsible for ensuring that cybersecurity policies are enforced, such as employee training and keeping software updated.
The Bottom Line
Artificial intelligence already plays a significant role in cybersecurity defense. As these defenses mature, cybercriminals could start to leverage more AI-centric approaches to counteract these defenses and come up with much more effective social engineering and other attacks.
By updating your defenses, verifying everything and training employees, you can reduce the likelihood of a successful attack on your organization. Small businesses may want to check out Jungle Disk as a cost-effective cybersecurity suite that offers the latest in intrusion detection, password management and more.