Friday, January 31, 2020

AI and CyberCrime

A citizen, first in war, first in peace and first to the hearts of his countrymen--------(Henry Lee on death of General Washington 1800)




In the ever-changing cyberthreat landscape, organizations will have to defend against increasingly complex and interconnected risk.

For example. 
The Ukraine power grid attack used spear phishing, industrial control, and disk wiping techniques that were all readily available on the black market, many of them previously stolen from NSA.

Checks and balances do not work as well for cyberwarfare where plausible deniability or even misdirecting the blame to someone else is common.

As organizations continue to grow, so do the size and complexity of their technology and data estates,
meaning attackers have more surfaces to explore and exploit.

AI has the potential to accelerate the volume of attacks as automation of tasks and enhancement of malicious services further reduce barriers of entry and execution of attacks.

The tools to accomplish attacks are increasingly available on the Dark Web at decreasing costs, including cyber weapons stolen from the NSA and CIA. 

Adversarial AI: 
Adversarial attacks involve manipulating AI systems by introducing carefully crafted inputs designed to deceive or mislead the algorithm. In the context of cybersecurity, adversarial AI techniques can be used to evade detection mechanisms, bypass security measures, or fool AI-powered defense systems. Researchers are exploring ways to develop robust AI algorithms that are resistant to adversarial attacks.

Deepfakes and Impersonation- Cyber attackers can use AI to create deepfake voices and impersonate high-ranking executives. A well-executed deepfake could deceive employees into authorizing large unauthorized fund transfers, exploiting human trust to circumvent security measures.

Data Tampering and Fabrication- Attackers can use AI to tamper with system data, creating an alluring yet entirely fabricated stock portfolio. The line between genuine and manipulated information blurs, posing risks to financial systems and investor confidence.

AI is not a single technology but a family of technologies. There are five broad categories of AI technologies: computer vision, natural language, virtual assistants, robotic process automation, and advanced machine learning. Hackers will likely use these tools to varying degrees.

Responsible AI Deployment:
Organizations must balance the benefits of AI with ethical considerations. Transparent algorithms, robust authentication mechanisms, and human oversight are crucial.

AI-Driven Defense: 
On the flip side, AI can also be used for cybersecurity purposes to detect, prevent, and respond to cyber threats more effectively. AI algorithms can analyze vast amounts of data to identify patterns, anomalies, and potential security breaches in real-time. AI-powered security solutions can enhance threat detection capabilities and help organizations stay one step ahead of cybercriminals.

Skills Gap: Addressing the cybersecurity challenges posed by AI requires a skilled workforce with expertise in both cybersecurity and AI technologies. However, there is a significant shortage of cybersecurity professionals with AI knowledge and vice versa. Closing this skills gap will be essential for developing effective AI-driven cybersecurity solutions and combating cyber threats effectively.


See You at The Top