The AI arms race might be a bit more dangerous than you think
In the tech world, an arms race usually a metaphor for two companies battling for supremacy, but McAfee thinks it might be a bit more literal for artificial intelligence (AI) as hackers upskill to make use of the breakthrough, reports Telecoms.com (Banking Technology‘s sister publication).
As one of its predictions for 2018, security software vendor McAfee believes that while securing the ever expanding virtual perimeters of an organisation would be one of the more attractive usecases for AI, the converse is also true. Hackers will be able to make use of the much more powerful and speedy algorithms to probe an organisation’s perimeter, seeking out inadequacies much quicker than a human would be able to.
“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” says Steve Grobman, CTO for McAfee.
“We must recognise that although technologies such as machine learning, deep learning, and AI will be cornerstones of tomorrow’s cyber defences, our adversaries are working just as furiously to implement and innovate around them. As is so often the case in cybersecurity, human intelligence amplified by technology will be the winning factor in the ‘arms race’ between attackers and defenders.”
Now we can already hear the murmurs from pessimistic corners; a security company saying we need to spend more of security – what a surprise. But this is a warning which should be taken seriously. For every technology breakthrough which has been made for good intentions, there always have been nefarious individuals who will use it for ill gain. It will most likely be the same here.
As we become more mobile in our working lives, the complications of securing a network are compounded. Every time you access you emails outside of the office, you are effectively creating another gateway for hackers to attack. One way of combatting this might be to inform the security team about your movements, but who does that? The perimeter is expanding quicker than we can secure it.
If security teams are to continue to be under-manned and under-funded, AI can be a solution to make the perimeter more secure. It doesn’t need to sleep, it works much faster and much more efficiently than a human. This is an area where the promise of AI can be realised almost immediately; leave the monotonous, heavy lifting to the application, while the humans concentrate on more high-value tasks.
McAfee points out that “adversaries will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models, and exploiting newly discovered vulnerabilities faster than defenders can patch them”. The battle could simply come down to who has the best algorithm. And some hackers are very smart individuals.
“To win this arms race, organisations must effectively augment machine judgment and the speed of orchestrated responses with human strategic intellect,” McAfee says. “Only then will organisations be able to understand and anticipate the patterns of how attacks might play out, even if they have never been seen before.”
While this does not seem like an answer at all, it is the only one. With the world of AI, we are venturing into the unknown. Challenges are unknown and answers are unknown. Perhaps this escalates the need to integrate AI into the security proposition, so security experts can more proactively look to the unknown to identify solutions.
So while the AI arms race might seem like a bit of scare-mongering, it is a very real problem, which is completely logical.