Britain Turns To AI To Counter Espionage

Spies will need to use Artificial Intelligence (AI) to counter a range of threats, an intelligence report for the British spy agency GCHQ says.  Adversaries are likely to use the technology for attacks in cyberspace and on the political system, and AI will be needed to detect and stop them.
 
The UK's intelligence and security agency GCHQ commissioned a study into the use of AI for national security purposesIt warns that while the emergence of AI creates new opportunities for boosting national security and keeping members of the public safe, it also presents potential new challenges, including the risk of the same technology being deployed by attackers.
 
Modern-day cyber security threats require a speed of response far greater than human decision-making allows. Given the rapid increase in the volume and frequency of malware attacks, AI cyber defence systems are increasingly being implemented to proactively detect and mitigate threats. Intelligence and espionage services need to embrace AI in order to protect national security as cyber criminals and hostile nation states increasingly look to use the technology to launch attacks.
 
The aim of this project is to establish an independent evidence base to inform future policy development regarding national security uses of AI. 
 
The requirement for AI is all the more pressing when considering the need to counter AI-enabled threats to UK national security. Malicious actors will undoubtedly seek to use AI to attack the UK, and it is likely that the most capable hostile state actors, which are not bound by an equivalent legal framework, are developing or have developed offensive AI-enabled capabilities. 
 
In time, other threat actors, including cyber-criminal groups, will also be able to take advantage of these same AI innovations and they will create: 
  • Threats to digital security include the use of polymorphic malware that frequently changes its identifiable characteristics to evade detection, or the automation of social engineering attacks to target individual victims. 
  • Threats to political security include the use of ‘deepfake’ technology to generate synthetic media and disinformation, with the objective of manipulating public opinion or interfering with electoral processes. 
  • Threats to physical security are a less immediate concern. However, increased adoption of Internet of Things (IoT) technology, autonomous vehicles, ‘smart cities’ and interconnected critical national infrastructure will create numerous vulnerabilities which could be exploited to cause damage or disruption. 
The research highlights several ways in which intelligence agencies could seek to deploy AI: 
  •  The automation of administrative organisational processes could offer significant efficiency savings, for instance to assist with routine data management tasks, or improve efficiency of compliance and oversight processes. 
  • For cybersecurity purposes, AI could proactively identify abnormal network traffic or malicious software and respond to anomalous behaviour in real time. 
  • For intelligence analysis, ‘Augmented Intelligence’ (AuI) systems could be used to support a range of human analysis processes, including:   
    • Natural language processing and audiovisual analysis, such as machine translation, speaker identification, object recognition and video summarisation.
    • Filtering and triage of material gathered through bulk collection. 
  • Behavioural analytics to derive insights at the individual subject level. 
None of the AI use cases identified in the research could replace human judgement and it is thought that systems that attempt to ‘predict’ human behaviour at the individual level are likely to be of limited value for threat assessment purposes. 
 
The use of AuI systems to collate information from multiple sources and highlight significant data items for human review is likely to improve the efficiency of analysis tasks focused on individual subjects. However, concerns over the ethical use of AI are highly subjective and context specific. Experts continue to disagree over fundamental questions such as the relative level of intrusion of machine analysis when compared with human review and despite a proliferation of ethical principles, there is a lack of clarity on how these should be operationalised in different sectors, who should be responsible for oversight and overall scrutiny. 
 
One of the most difficult legal and ethical questions for spy agencies, especially since the Edward Snowden revelation of mass domestic surveillance in the US, is that of justifying the collection of large amounts of data from ordinary people in order to sift it and analyse it to look for those who might be involved in terrorism or other criminal activity.
 
GCHQ:        BBC         RUSI:       ZDNet
 
You Might Also Read: 
 
From Ciphers To Cyber Security:
 
 
« Hackers Targeting Both Trump & Biden Presidential Campaigns
The History Of The Internet And Its Possible Future »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Organization for Security and Co-operation in Europe (OSCE)

Organization for Security and Co-operation in Europe (OSCE)

OSCE is the world's largest security-oriented intergovernmental organization. Areas of activity include Cyber/ICT security.

CyberESI

CyberESI

CyberESI is a Managed Security Service Provider providing 24x7 remote security monitoring and management of your mission-critical networks.

4iQ

4iQ

4iQ fuses surface, social, deep and dark web sources to research and assess risks to people, infrastructure, intellectual property and reputation.

DFLabs

DFLabs

DFlabs is a pioneer in Security Automation & Orchestration technology, leveraging your existing security products to dramatically reduce the response and remediation gap.

e-Crime Bureau

e-Crime Bureau

e-Crime Bureau is a specialized company offering cyber/computer forensics, cyber security consulting services, forensic audit and investigations services and training to clients across Africa.

Cyversity

Cyversity

Cyversity's mission (formerly ICMCP) is the consistent representation of women and underrepresented minorities in the cybersecurity industry.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

RealTyme

RealTyme

RealTyme is a secure communication and collaboration platform with privacy and human experience at its core.

PreVeil

PreVeil

We started PreVeil to bring radically better security to ordinary business and personal communication and information storage.

Cyber-Security Council Germany

Cyber-Security Council Germany

The German Cyber Security Council's objective is to consult businesses, government agencies and political decision-makers and to support them against cybercrime.

RapidSpike

RapidSpike

RapidSpike is the only website monitoring solution that focuses all three key aspects of website health: performance, reliability AND security.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).

Bluerydge

Bluerydge

Bluerydge specialises in cyber security and technology, focusing on the delivery of innovative sovereign solutions through trusted, cleared and experienced professionals.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

Core42

Core42

Core42 provides a full-spectrum of AI enablement solutions covering cloud, data, cybersecurity and digital services designed for customer success.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.