AI Cyber Attacks Will Be Almost Impossible For Humans to Stop

As Cyberattacks become more refined, they will start mimicking our online traits. This will lead to a battle of the machines

As early as 2018, we can expect to see truly autonomous weaponised artificial intelligence that delivers its blows slowly, stealthily and virtually without trace. And 2018 will be the year of the machine-on-machine attack.

There is much debate about the possible future of autonomous AI on the battlefield. Once released, these systems are not controlled. They do not wait for orders from base. They learn and make their own decisions often while deep inside enemy territory. And they learn quickly from their environments.

However, autonomous AIs are already starting to be deployed on another type of battlefield: digital networks. Today cyber-attackers are using AI technologies that help them not only infiltrate an IT infrastructure, but to stay on that network for months, perhaps years, without getting noticed.

In 2018, we can expect these algorithmic presences to use their intelligence to learn about their environments and blend in with the daily commotion of network activity.

The drivers of these automated attacks may have a defined target – the blueprint designs of a new type of jet engine, say, or persist opportunistically, where the chance for money, or mischief-making avails itself. As they sustain their presence, they grow stronger in their inside knowledge of the network and its users and they build up control over data and entire systems.

Like the HIV virus, which is so pernicious because it uses the body's own defences to replicate itself, these new machine intelligences will target the very defences deployed against it.

They will learn how the firewall works, the analytics models used to detect attacks and times of day that the security team is in the office. They will then adapt to avoid and weaken them. All the while, it will use its strength to spread, creating inroads for compromise and contaminating devices with brutal efficiency.

AI will also attack us by impersonating people. We already have AI assistants that do our scheduling, email on our behalf and ask us what we'd like to order for lunch. But what happens if your AI assistant gets taken over by a malicious attacker? Or, indeed, what happens when weaponised AI is refined enough to convincingly impersonate a real person who you trust?

A stealthy, long-term AI presence on your network will have ample time to learn what your writing style is and how this differs depending on who you email, your contact base and the distinctions in professional and personal relationships based on the language you use and key themes in your conversations.

For example, you email your partner five times a day, particularly in the morning and afternoon. They sign their emails "X". Your football team emails weekly with details for Saturday's five-a-side games. They sign emails "Be there!". This is fodder for AI.

As to what we should do about these malicious AIs: they will be too clever and stealthy to combat other than with other AIs. This is one arena we'll have to give up control, not take it back.

Wired:

You Might Also Read:

Artificial Intelligence, Automation & Drones (£):

Artificial Intelligence, Robotics & All Tomorrows Wars:

Artificial Intelligence: A Warning:

 

« Inspired: China Measures Citizens' Trustworthiness
Flight Ticket Fraud Alert »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

ForeScout Technologies

ForeScout Technologies

ForeScout delivers pervasive network security by allowing organisations to continuously monitor & mitigate security exposures & cyberattacks.

Redicom

Redicom

Redicom is an independent consulting agency focusing on identity management, strong authentication and single-sign-on.

Early Warning Services

Early Warning Services

Early Warning is committed to providing awareness, education, and enablement around fraud prevention.

SolutionsPT

SolutionsPT

SolutionsPT enables customers to strengthen their Operational Technology (OT) network to meet the ever increasing demand for performance, availability, connectivity and security.

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

Balbix

Balbix

Balbix BreachControl™ is the industry’s first system to leverage specialized AI to provide comprehensive and continuous predictive assessment of breach risk.

Norsk Akkreditering

Norsk Akkreditering

Norsk Akkreditering is the national accreditation body for Norway. The directory of members provides details of organisations offering certification services for ISO 27001.

The Security Company (TSC)

The Security Company (TSC)

The Security Company is a leading provider of creative employee security awareness programmes.

CyPhyCon

CyPhyCon

CyPhyCon is an annual event exploring threats and solutions to cyber attacks on cyber-physical systems such as industrial control systems, Internet of Things and Industrial Internet of Things.

CloudSphere

CloudSphere

CloudSphere’s flagship Cloud Governance Platform enables enterprises and cloud service providers to simplify and optimize cloud migration, management, and governance.

Abu Dhabi Gov Digital

Abu Dhabi Gov Digital

Gov Digital (formerly Abu Dhabi Digital Authority - ADDA) enable, support and deliver a digital government that is proactive, personalised, collaborative and secure.

Devolutions

Devolutions

Devolutions make best-in-class Privileged Access Management, Password Management, and Remote Connection Management solutions available to ALL organizations — including SMBs.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

European Union Agency for Network and Information Security (ENISA)

European Union Agency for Network and Information Security (ENISA)

The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe.

ThingsRecon

ThingsRecon

ThingsRecon empowers organisations to continuously map and manage their attack surface, uncover hidden vulnerabilities, and assess supplier cyber hygiene.