AI Makes Cyber Attacks More Destructive

Uploaded on 2019-07-01 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, TECHNOLOGY--Developments, TECHNOLOGY--Hackers

Cyber-attacks are becoming ubiquitous and have been recognised as one of the most strategically significant risks facing the world today.  There is little doubt that artificial intelligence (AI) will be used by attackers to drive the next major upgrade in cyber weaponry and will ultimately pioneer the malicious use of AI. 

AI’s fundamental ability to learn and adapt will usher in a new era in which highly-customised and human-mimicking attacks are scalable. 

Future AI Attacks
AI-powered cyber-attacks are not a hypothetical future concept. All the required building blocks for the use of offensive AI already exist.

One of the most notorious pieces of contemporary malware, the Emotet Trojan, is a prime example of a prototype-AI attack. Emotet’s main distribution mechanism is spam-phishing, usually via invoice scams that trick users into clicking on malicious email attachments. The Emotet authors have recently added another module to their Trojan, which steals email data from infected victims. 

This means it can automatically insert itself into pre-existing email threads, advising the victim to click on a malicious attachment, which then appears in the final, malicious email. This insertion of the malware into pre-existing emails gives the phishing email more context, thereby making it appear more legitimate. 

Yet the criminals behind the creation of Emotet could easily leverage AI to supercharge this attack. Currently, the message on the final phishing email is usually highly generic - “Please see attached”, for instance - and this may sometimes arouse suspicion. However, by leveraging an AI’s ability to learn and replicate natural language by analysing the context of the email thread, these phishing emails could become highly tailored to individuals. This would mean that an AI-powered Emotet Trojan could create and insert entirely customised, more believable phishing emails. 

The consequences of these developing attack methods could be highly destructive, and even life-threatening. Imagine an oil rig using faulty geo-prospection data to drill for oil in the wrong place, or a physician making a diagnosis using compromised medical records. As the AI arms race continues, we can only expect this circle of innovation to escalate. 

AI Attacks
In 2017, the WannaCry attack hit organisations in over 150 countries around the world, marking the beginning of a new era in cyber-attack sophistication. Its success lay in its ability to move laterally through an organisation in a matter of seconds while paralysing hard drives, and the incident went on to inspire multiple copycat attacks. 

This cycle of “innovation” will continue, and attackers have already moved on to crypto-currency mining malware, which secretly steals processing power to mine for digital currencies such as bitcoin, and banking Trojans, a type of malware that steals financial data while masquerading as a genuine application. 

The use of adversarial artificial intelligence will impact the security landscape in three key ways: 

1 Apparently Becoming Trusted Users 
AI attacks will be highly tailored yet operate at scale. These malwares will be able to learn the nuances of an individual’s behaviour and language by analysing email and social media communications. They will be able to use this knowledge to replicate a user’s writing style, crafting messages that appear highly credible. 

Messages written by AI malware will therefore be almost impossible to distinguish from genuine communications. As the majority of attacks get into our systems through our inboxes, even the most cyber-aware computer user will be vulnerable. 

2 Lost in the background 
Sophisticated threat actors can often maintain a long-term presence in their target environments for months at a time, without being detected. They move slowly and with caution, to evade traditional security controls and are often targeted to specific individuals and organisations. 

This ability to disguise itself amid the noise will mean that it is able to expertly spread within a digital environment, and stealthily compromise more devices than ever before. 

3 Faster Attacks 
Today’s most sophisticated attacks require skilled technicians to conduct research on their target and identify individuals of interest, understand their social network and observe over time how they interact with digital platforms. 
In tomorrow’s world, an offensive AI will be able to achieve the same level of sophistication in a fraction of the time, and at many times the scale. 

Not only will AI-driven attacks be much more tailored and consequently more effective, their ability to understand context means they will be even harder to detect. 

Incorporating AI into the Digital Ecosystem 
Investment in new technology will play a critical role in this emerging reality and evolving ecosystem. According to Forrester’s Using AI for Evil report, “mainstream AI-powered hacking is just a matter of time”. 
Indeed, as we begin to see AI become part of the cyber attacker’s toolkit, the only way that we will be able to combat this malicious use of AI is with AI itself. Therefore, incorporating the technology into this ecosystem is crucial. 

Fighting back with Machines 
The cybersecurity community is already heavily investing in this new future, and is using AI solutions to rapidly detect and contain any emerging cyber threats that have the potential to disrupt or compromise key data. Defensive AI is not merely a technological advantage in fighting cyberattacks, but a vital ally on this new battlefield. 
Rather than rely on security personnel to respond to incidents manually, organisations will instead use AI to fight back against a developing problem in the short term, while human teams will oversee the AI’s decision-making and perform remedial work that improves overall resilience in the long term. 

AI-powered attacks will outpace human response teams and outwit current legacy-based defenses; therefore, the mutually-dependent partnership of human and AI will be the bedrock of defense strategies in the future. 

The battleground of the future is digital, and AI is the undisputed weapon of choice. There is no silver bullet to the generational challenge of cybersecurity, but one thing is clear: only AI can play AI at its own game. The technology is available, and the time to prepare is now. 

World Economic Forum

You Might Also Read: 

Darktrace CEO Says Cyber Security Is A Global Arms Race:

AI Is The New Route For Both Cyber Attacks And Their Prevention:

 

 

« Alarming Trends In Data Theft
Tackling The ‘Splinternet’ »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

PlaxidityX

PlaxidityX

PlaxidityX (formerly Argus Cyber Security) is a global leader in mobility cyber security, provides DevSecOps, vehicle protection and fleet protection technologies and services.

Radiflow

Radiflow

Radiflow is a leading provider of cyber security solutions for critical infrastructure networks (i.e. SCADA), such as power utilities, oil & gas, water and others.

Sandline Discovery

Sandline Discovery

Sandline Discovery provides digital forensics, eDiscovery solutions, managed review and litigation consulting services.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Aspisec

Aspisec

Aspisec is a cybersecurity company specialized in Firmware Security and Critical Infrastructure Protection.

TechBeacon

TechBeacon

TechBeacon.com is a digital hub by and for software engineering, IT and security professionals sharing practical and passionate guidance to real-world challenges.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

HackHunter

HackHunter

HackHunter’s passive sensor network continuously monitors, detects and alerts when a malicious WiFi network and/or hacking behaviour is identified.

Stellar Cyber

Stellar Cyber

Stellar Cyber makes Open XDR, the only comprehensive security platform providing maximum protection of applications and data wherever they reside.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

TetherView

TetherView

TetherView provides leading virtual desktop and email security technology to help businesses stand up and manage digital workspaces.

InnovateHer

InnovateHer

At InnovateHer, our vision is to make the tech sector more equitable, by increasing diversity across the spectrum and creating more inclusive workplaces.

Nightwing

Nightwing

Nightwing is the intelligence services company that continually redefines the edge of the possible to keep advancing our national security interests.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.