How Can AI Change The State of Cybersecurity

According to Wikipedia, financial crimes are “crimes against property, involving the unlawful conversion of the ownership of property (belonging to one person) to one’s own personal use and benefit”. In the Internet age, financial crimes are often associated with cybercrime. Globally, this type of criminal activity is regarded as a major concern, and fighting cybercrime has become a top priority for both governments and corporations.

Financial data, health records, personal identifiable information (PII), intellectual property and basically any valuable data are subject to attacks. Cybercriminals employ highly profitable strategies like disrupting business operations via DDoS attacks or monetizing data access by advanced ransomware techniques.

However, when asked about cybercrime, most people would think of casual crimes like credit card theft, online scams, and identity theft. Still, there’s a darker side behind the story of a stolen password for a credit card: some cybercriminals stay in close cooperation with terrorist groups by providing funds for human and drug trafficking. Any device connected to the Internet is prone to attacks, and tech-savvy cyber terrorists make no difference whether it is an unprotected home computer or an inefficient corporate information technology system. Some basic fraud practices do not even require special knowledge, and anybody can buy tools on the black market to commit a cybercrime.  

The most popular ways to steal personal data include:

It’s worth saying that phishing attacks are the most prevalent among those. KnowBe4 – the world’s largest security awareness training and simulated phishing platform – sent test phishing emails to 6 million users only to find that the majority of them clicked on the link promising money gain. Simple as that.

Apart from preying on individuals, organized cyber attacks affect states at the national security level. But are countries ready for the alert? The stats aren’t convincing enough. James Gosler, one of the US top security experts, believes that there are up to 1.000 people with the necessary skills to defend the USA against the most complex cyber attacks out of the 20.000-30.000 professionals required. Thus, the problem is calling out for new measures, and one of these is the use of AI.

These days everybody’s heard “a little something” about artificial intelligence and machine learning. In 2018, they remain hot topics in every trend lists like this one. Nevertheless, despite high anticipations, we still wait for the brave new world to come in a form we all can understand. “We kind of noticed this huge gap,” a tech entrepreneur and investor Ben Lamm agrees. “Everybody has an emotional reaction to AI, everybody wants AI, nobody seems to know what that means.”

Even in the world of tech, the attitude towards AI varies from critique to praise. Elon Musk who stole all the biggest headlines in 2018, has repeatedly warned about the dangers of artificial intelligence, describing it as a potential threat to the human race. On the other hand, another tech-giant Mark Zuckerberg adheres to the opposite point of view saying he was “tired of the fear-mongering”.

This ambiguity is applied to the use of AI itself. Like any technology, it might be a new source of danger if falls into the wrong hands. “We have AI, but so do the bad guys,” says Ann Johnson, Microsoft’s Vice President, Enterprise & Cybersecurity. For instance, AI can help human cybercriminals to modify their attack patterns. As a rule, the implementation of a spear-phishing attack – simple, yet targeted and dangerous email-based threat – requires hackers to gather personal information about prospective victims. The use of AI systems can help gather and process large databases to connect identifying information in a much faster manner. In an interview to Computerworld Australia, Fortinet’s global security strategist, Derek Manky, told that “black hat attackers are getting in much quicker because of automated attack code. The time to breach is shrinking significantly. Their attack code is replacing human cycles. The human had to execute each stage of the kill chain themselves. We are now seeing code that is automating that process, taking the black hat human out of the picture.” Sounds menacing? Again, the use of AI is a two-way street: crime fighters armed with AI can prevent attacks by resorting to analytics and find out when something bad is going to happen. The picture will look like a game of chess played by grandmasters. Just imagine AI-driven attacks changing tactics and AI-driven defenses responding equally in real time.

This article wouldn’t be complete without mentioning another buzz word – blockchain.  Security analysts predict that this technology will be more widespread as a counter-attack measure. Fair enough, nowadays blockchain is mostly associated with the cryptocurrency market, but in the future things could change. To put it briefly, the blockchain splits up data into blocks and distributes them over a decentralized network. This way, as a result of its distributed nature, blockchain leaves no room for hackable entrance or a central point of failure. Thereby, this technology is more security-oriented, and this feature prevents criminals from accessing and compromising massive amounts of data all at once. Industries like banking and healthcare could be among the first to incorporate blockchain technology to raise their security level bar significantly. Another great advantage of using artificial intelligence is that they save considerable time for tech employees. As minor attacks sometimes demand for trivial solutions, AI-driven systems will take care of the situation on its own.

Another countermeasure lies within the cooperation between organizations. In round numbers, 80% of attacks follow the same pattern and execution: phishing, ransomware, trojan viruses, etc. Sure enough, these attacks will become more sophisticated or use other delivery techniques, but – generally speaking – they will remain the same in their essence. Therefore, an approach by which various institutions can share the information collected by their security systems seems to be only logical and beneficial. When a certain amount of data is collated and analyzed in conjunction, some patterns and everyday occurrences will become more evident for everyone. Sharing is caring, and this practice would undoubtedly give companies a hand in their fight against cybercrime.

However, at the moment, everything still depends on us, humans. The errors committed by employees of an organization make a major contribution to data loss incidents, and its widespread presence continues to rise on a global scale. „Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today”, comments Larry Ponemon, founder of the non-profit Ponemon Institute.

Considering the state of cybersecurity today, the implementation of AI systems can be a real game breaker. Undoubtedly, there’s still a lot of work to be done – for instance, 52% of cyber professionals believe that current systems aren’t accurate enough. However, these systems come with a number of substantial benefits that will empower cybersecurity professionals with more possibilities to fight cyber-attacks and safeguard their enterprise. Today, advanced AI techniques, like machine learning and deep learning, are possible because of more sophisticated algorithms and the vast amounts of available data. So give artificial intelligence time, and eventually, they will provide you with a dynamic edge over cyber terrorists.

Kontakt
Kontakt


    Insert math as
    Block
    Inline
    Additional settings
    Formula color
    Text color
    #333333
    Type math using LaTeX
    Preview
    \({}\)
    Nothing to preview
    Insert