Britain Turns To AI To Counter Espionage

Uploaded on 2020-06-08 in TECHNOLOGY-Key Areas-Artificial Intelligence, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Developments

Spies will need to use Artificial Intelligence (AI) to counter a range of threats, an intelligence report for the British spy agency GCHQ says.  Adversaries are likely to use the technology for attacks in cyberspace and on the political system, and AI will be needed to detect and stop them.
 
The UK's intelligence and security agency GCHQ commissioned a study into the use of AI for national security purposesIt warns that while the emergence of AI creates new opportunities for boosting national security and keeping members of the public safe, it also presents potential new challenges, including the risk of the same technology being deployed by attackers.
 
Modern-day cyber security threats require a speed of response far greater than human decision-making allows. Given the rapid increase in the volume and frequency of malware attacks, AI cyber defence systems are increasingly being implemented to proactively detect and mitigate threats. Intelligence and espionage services need to embrace AI in order to protect national security as cyber criminals and hostile nation states increasingly look to use the technology to launch attacks.
 
The aim of this project is to establish an independent evidence base to inform future policy development regarding national security uses of AI. 
 
The requirement for AI is all the more pressing when considering the need to counter AI-enabled threats to UK national security. Malicious actors will undoubtedly seek to use AI to attack the UK, and it is likely that the most capable hostile state actors, which are not bound by an equivalent legal framework, are developing or have developed offensive AI-enabled capabilities. 
 
In time, other threat actors, including cyber-criminal groups, will also be able to take advantage of these same AI innovations and they will create: 
  • Threats to digital security include the use of polymorphic malware that frequently changes its identifiable characteristics to evade detection, or the automation of social engineering attacks to target individual victims. 
  • Threats to political security include the use of ‘deepfake’ technology to generate synthetic media and disinformation, with the objective of manipulating public opinion or interfering with electoral processes. 
  • Threats to physical security are a less immediate concern. However, increased adoption of Internet of Things (IoT) technology, autonomous vehicles, ‘smart cities’ and interconnected critical national infrastructure will create numerous vulnerabilities which could be exploited to cause damage or disruption. 
The research highlights several ways in which intelligence agencies could seek to deploy AI: 
  •  The automation of administrative organisational processes could offer significant efficiency savings, for instance to assist with routine data management tasks, or improve efficiency of compliance and oversight processes. 
  • For cybersecurity purposes, AI could proactively identify abnormal network traffic or malicious software and respond to anomalous behaviour in real time. 
  • For intelligence analysis, ‘Augmented Intelligence’ (AuI) systems could be used to support a range of human analysis processes, including:   
    • Natural language processing and audiovisual analysis, such as machine translation, speaker identification, object recognition and video summarisation.
    • Filtering and triage of material gathered through bulk collection. 
  • Behavioural analytics to derive insights at the individual subject level. 
None of the AI use cases identified in the research could replace human judgement and it is thought that systems that attempt to ‘predict’ human behaviour at the individual level are likely to be of limited value for threat assessment purposes. 
 
The use of AuI systems to collate information from multiple sources and highlight significant data items for human review is likely to improve the efficiency of analysis tasks focused on individual subjects. However, concerns over the ethical use of AI are highly subjective and context specific. Experts continue to disagree over fundamental questions such as the relative level of intrusion of machine analysis when compared with human review and despite a proliferation of ethical principles, there is a lack of clarity on how these should be operationalised in different sectors, who should be responsible for oversight and overall scrutiny. 
 
One of the most difficult legal and ethical questions for spy agencies, especially since the Edward Snowden revelation of mass domestic surveillance in the US, is that of justifying the collection of large amounts of data from ordinary people in order to sift it and analyse it to look for those who might be involved in terrorism or other criminal activity.
 
GCHQ:        BBC         RUSI:       ZDNet
 
You Might Also Read: 
 
From Ciphers To Cyber Security:
 
 
« Hackers Targeting Both Trump & Biden Presidential Campaigns
The History Of The Internet And Its Possible Future »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

TestFort

TestFort

TestFort QA Lab is a specialized software testing company offering independent quality assurance and software testing services.

StickyMinds

StickyMinds

StickyMinds is the web's first interactive testing community exclusively engaged in improving software quality throughout the software development lifecycle.

Ingalls Information Security

Ingalls Information Security

Ingalls Information Security provides network security, monitoring and forensics.

Silicon:SAFE

Silicon:SAFE

Silicon:SAFE develops impenetrable hardware solutions that prevent bulk data theft during a cyber-attack.

NT Cyfence

NT Cyfence

CAT Cyfence is the IT Security services business unit of CAT Telecoms.

ENLIGHTENi

ENLIGHTENi

ENLIGHTENi are the platform to develop next-gen talent in Technology, Risk, and Cybersecurity. Our mission is to develop next-gen talent through challenge-based learning and team collaboration.

Huntress Labs

Huntress Labs

Huntress provides managed threat detection and response services to uncover and address malicious footholds that slip past your preventive defenses.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM) is engaged by law enforcement in the UK and overseas to advise on establishing and developing Cyber Resilience Centres (CRCs) for business.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

KYND

KYND

KYND has created pioneering cyber risk technology that makes assessing, understanding, and managing business cyber risks easier and quicker than ever before.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

TrafficGuard

TrafficGuard

TrafficGuard is an award-winning digital ad verification and fraud prevention platform.

eGyanamTech (EGT)

eGyanamTech (EGT)

eGyanamTech provides robust security solutions tailored for Operational Technology (OT) and Supervisory Control and Data Acquisition (SCADA) systems used in critical infrastructure systems.