Cyberwarfare: the New AI Frontier

Over the past few years, we have seen artificial intelligence move from the shadows into the mainstream. From the smart music speakers in our front rooms to the digital assistant on our phones in our pockets, we probably interact with or are guided by AI on a daily basis – often without awareness of its impact or influence.

The ability for a system to rapidly classify an input, as well as learning from experience and by example means that security vendors have been quick to leverage AI to underpin their threat analysis process. This has led to increased accuracy, faster threat recognition and an overall reduction in risk when pitted against even the best human-derived threats.

The very same reasons that security vendors have adopted AI have made the technology attractive to cybercriminals, as having an attacking system that can very rapidly classify its target, learn from its failures and exploit its successes, all without human interaction, is a perfect storm scenario for any attacker.

AI vs AI

This leads to a very strange and unknown scenario where we will see attack AIs pitched against detection AIs. Unlike a human whose choices are guided by experience, skill and bias, an AI will often deploy strategies that are unexpected. If we think of the headline AI victories over humans such as the 4-1 defeat of Go Grandmaster Lee Se-Dol by Google’s AlphaGo or IBM’s Deep Blue victory over Garry Kasparov, this shows that AI thinking can be very unpredictable, often playing a crazy almost suicidal or oversimplified move no right-minded human will make. This left-field approach is then built on as part of a larger winning strategy.

As AI is pitched against AI, the battle ground may become a highly misunderstood place for humans, with attack and defence strategies not being understood and, as such, knowing who is winning will be almost impossible to call. This toing and froing may, in fact, never end, leading to a continual battle scenario, and even when we think the battle is won this may be just the next stage in the attacker’s strategy, with the real battle being fought on a completely different front.

What should we do?

It is therefore important that we adopt security strategies that do not fully remove the human touch. We need to adopt multiple systems that provide enough information from sources so that we can determine if the threat has indeed become a breach, so the impact of said breach can then be understood.

Once again the assessment process is highly likely to be underpinned by some kind of AI-based decision engine that highlights possible threats that ordinarily might have been missed by the human eye. However, if an attacker AI suspects they will be monitored by an AI, they will likely take a strategy that successfully evades detection.

You may ask how we operate in this new AI frontier. In my opinion, we need to take a pragmatic approach that assumes that one or more of our defences have been breached and the intruder is well hidden. We also have to validate all activity and any attempt to access systems and data rather than depend on one single activity at one time.

In short, we need to adopt a zero trust model and only allow access once the burden of proof shows that the request is valid and the response will be equally uncorrupted.

+ posts


Related articles

The future of cloud and edge optimisation

As more enterprises use multi-cloud and hybrid infrastructures, the danger of cost overruns and loss of control increases.

Here is how to stage a public cloud migration

As the relationships between CSPs and cloud providers are deepening, CSPs need to develop a clear strategy on how they add value to customer relationships.

The future of work is collaborative

As hybrid work models continue to gain traction, businesses will need to start implementing collaborative tools and processes to meet the needs and expectations of the upcoming workforce, seamlessly integrating them into existing workflows to enhance productivity and performance. Innovations in technology, including AI and machine learning, mean that organisations are in a better position than ever to shape the collaborative future of work – and with the right support in place, they can ensure that these digital tools continue to bring out the best in their workforce for years to come.

How Business Data Can Be Protected, Even with Remote Workers

According to a study conducted by OwlLabs, approximately 69% of survey respondents worked remotely during the pandemic or are now working from home since.

DevOps Metrics – How to measure success in DevOps?

Even though there is no perfect definition for DevOps,...

Subscribe to our Newsletter