AI Will Boost Cybercrime & Security Threats

Uploaded on 2018-02-28 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Developments

Experts say action must be taken to control artificial intelligence tech. The proliferation of artificial intelligence technologies could enable new forms of cybercrime, political disruption and even physical attacks within five years, a group of 26 experts from around the world have warned. 

In a new report entitled 'Malicious Use of Artificial Intelligence'  a panel of academic, industry and the charitable sector experts describe AI as a “dual use technology” with potential military and civilian uses, akin to nuclear power, explosives and hacking tools.

“As AI capabilities become more powerful and widespread, we expect the growing use of AI systems to lead to the expansion of existing threats, the introduction of new threats and a change to the typical character of threats,” the report says. 

They argue that researchers need to consider potential misuse of AI far earlier in the course of their studies than they do at present, and work to create appropriate regulatory frameworks to prevent malicious uses of AI.

If the advice is not followed, the report warns, AI is likely to revolutionise the power of bad actors to threaten everyday life. 
In the digital sphere, they say, AI could be used to lower the barrier to entry for carrying out damaging hacking attacks. The technology could automate the discovery of critical software bugs or rapidly select potential victims for financial crime. 
It could even be used to abuse Facebook-style algorithmic profiling to create “social engineering” attacks designed to maximise the likelihood that a user will click on a malicious link or download an infected attachment.

The increasing influence of AI on the physical world means it is also vulnerable to AI misuse. The most widely discussed example involves weaponising “drone swarms”, fitting them with small explosives and self-driving technology and then setting them loose to carry out untraceable assassinations as so-called Slaughterbots. 

Political disruption is just as plausible, the report argues. Nation states may decide to use automated surveillance platforms to suppress dissent, as is already the case in China, particularly for the Uighur people in the nation’s northwest. 

Others may create “automated, hyper-personalised disinformation campaigns”, targeting every individual voter with a distinct set of lies designed to influence their behaviour. Or AI could simply run “denial-of-information attacks”, generating so many convincing fake news stories that legitimate information becomes almost impossible to discern from the noise. Seán Ó hÉigeartaigh of the University of Cambridge’s Centre for the Study of Existential Risk, one of the report’s authors, said: “We live in a world that could become fraught with day-to-day hazards from the misuse of AI and we need to take ownership of the problems, because the risks are real. There are choices that we need to make now, and our report is a call-to-action for governments, institutions and individuals across the globe.

“For many decades, hype has outstripped fact in terms of AI and machine learning. No longer. This report … suggests broad approaches that might help: for example, how to design software and hardware to make it less hackable – and what type of laws and international regulations might work in tandem with this.”

Not everyone is convinced that AI poses such a risk, however. Dmitri Alperovitch, the co-founder of information security firm CrowdStrike, said: “I am not of the view that the sky is going to come down and the earth open up. 

“There are going to be improvements on both sides; this is an ongoing arms race. AI is going to be extremely beneficial, and already is, to the field of cybersecurity. It’s also going to be beneficial to criminals. It remains to be seen which side is going to benefit from it more.

“My prediction is it’s going to be more beneficial to the defensive side, because where AI shines is in massive data collection, which applies more to the defence than offence.”

The report concedes that AI is the best defence against AI, but argues that “AI-based defence is not a panacea, especially when we look beyond the digital domain”.

“More work should also be done in understanding the right balance of openness in AI, developing improved technical measures for formally verifying the robustness of systems, and ensuring that policy frameworks developed in a less AI-infused world adapt to the new world we are creating,” the authors wrote.

Guardian

You Might Also Read: 

AI Will Underpin Cybersecurity:

AI Cyber Attacks Will Be Almost Impossible For Humans to Stop:
 

 

« Foreign Interference In US Elections 'Will be repeated'
UN Chief Urges Global Rules For Cyber Warfare »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cybertrust Japan

Cybertrust Japan

Cybertrust Japan provides a comprehensive security certification and digital authentication service, enabling customers to build and manage highly secure IT infrastructures.

CERTuy

CERTuy

CERTuy is the national Computer Emergency Response Team for Uruguay.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

Totaljobs

Totaljobs

Totaljobs is the UK’s largest hiring platform. We have over 280,000 live jobs adverts on our site, helping you to find any type of job in any industry, including cybersecurity.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Qohash

Qohash

With a focus on data security, Qohash supports security, compliance and optimization use cases enhancing your risk management process.

PNGCERT

PNGCERT

PNGCERT is the national Computer Emergency Response Team (CERT) for Papua New Guinea.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Seigur

Seigur

Seigur is an IT consultancy business providing flexible legal and cyber security services for IT and data privacy programmes.

Hadrian

Hadrian

Hadrian is modernizing offensive security practices with automation, making them faster and more scalable. Equipped with the hacker’s perspective, companies can now know what their critical risks are.

PatchAdvisor

PatchAdvisor

PatchAdvisor core services include Vulnerability Assessments/Penetration Testing, Application Vulnerability Assessments, and Incident Response.

Solvo

Solvo

Solvo enables security teams and other stakeholders to automatically uncover, prioritize, mitigate and remediate cloud infrastructure access risks.

Glasstrail

Glasstrail

Glasstrail are single-minded about helping organisations gather intelligence and manage vulnerabilities in their attack surface before adversaries exploit them.

AKS iQ

AKS iQ

AKS iQ leads the RegTech sector with AI, automating regulatory compliance in the banking industry and ensuring paperless TBML and CFT adherence in finance.

TerraEagle

TerraEagle

Terraeagle is a boutique cyber security services company providing tailor-made solutions. Our core competency is in SOCaaS, MDRaaS & and Incident Response Retainer Services.