Security

Artificial Intelligence is Important for Cybersecurity, But It’s Not Enough

The advent of Artificial Intelligence has brought with it a new scope for cybersecurity. Why the artificial intelligence is important for cybersecurity?

In my last blog, I discussed AI and Big Data. Now, I am going to explain about AI and Cybersecurity.

The advent of Artificial Intelligence has brought with it a new scope for cybersecurity. After all, an intelligent security system is expected to overcome any sophisticated threats. However, many security experts believe that AI is a double-edged sword and hence it could become dangerous at an epic level if it gets into the wrong hands. Let us make a quick analysis on the unison between cybersecurity and AI.

Cybersecurity is the need of the day. As if we didn’t have enough to worry about with terrorists running wild – always looking to inflict damage – we now have to worry about Cybercriminals as well. And in many cases, they can be a lot more dangerous than your average terrorist.

The significance of having a perfect cybersecurity strategy or solution has grown over the years. All the credit goes to the proliferation of smart devices on the Internet. Also, because of the growing endpoints that are always connected to the cyberspace, cybercriminals now have a plethora of opportunities to infiltrate devices.

Not only do hackers have more entry points to breach, but they also have more sophisticated tools to penetrate even into highly-secured devices or networks. How are they doing it? By mass producing sophisticated malware.

According to the 22nd threat report by Symantec, it is found that over 300 million malware were detected in 2016 alone. Not only this! John – the contributor at thebestvpn, shared the shocking statistic that one in every 131 emails contains a malware. The massive figure presents quite a shocking blow to businesses who then rush to come up with a more potent cybersecurity solution.

Moreover, we can’t ignore the fact that with the passage of time, cybercriminals have become smarter and more adept at countering traditional security practices. A survey conducted in 2017 of 70 professional hackers and pen testers found that 60% of hackers claim they can compromise a system within just 6 hours. Plus, over 80% of the hackers and testers said they could remain hidden from the network for 100 days after stealing sensitive data.

To combat such threats, we need to come up with a disruptive security technology that is not only efficient, but also proactive, faster and more intelligent. One such disruption that can prove itself an ideal security solution is Artificial Intelligence (AI).

Artificial Intelligence & Cybersecurity: A Perfect Unison or a Calamity

When we talk about Artificial Intelligence, the first thing that pops into our mind are technologies like Tesla’s self-driving cars or the Amazon Echo. This is because we take AI only as a “Buzzword” and nothing else.

Regardless, AI can offer more firepower when it comes to cybersecurity. It can cover the lack of manpower that we see in this highly complex field. Likewise, it can run things faster and hence detect threats before they could compromise a system and inflict damage.

Although there is a lot of potential in Artificial Intelligence for tackling complex cyber threats for good, there are some aspects that make it a double-edged sword. Before we move on to the other aspects of AI, let’s take a look at why it seems to be a great cybersecurity tool.

The Significance of AI as a Security Solution

IT experts at a company have a lot on their hands to monitor and analyze. They are always challenged with sifting through loads of security logs and activities, finding security threats that could pose a serious threat and coming up with mitigation strategies to contain it.

Moreover, there are weeks and months of logs that need to be scrutinized and vetted for security purposes. Identifying any abnormality in such vast amount of data and then formulating the right solution require not only more manpower but also more tools and resources.

However, an AI-powered machine can greatly assist IT personnel in monitoring, tracking and detecting anomalies efficiently.

Ryan Permeh, Cylance Chief Scientist, said in an online interview conducted by CSOOnline, “Historically, an AV researcher might see 10,000 viruses in a career.  Today there are over 700,000 per day.” He further states that his security firm uses AI to tackle such attacks.

Apart from that, AI as a security tool can help with the lack of manpower that the cybersecurity industry is currently facing. Over 40% of organizations claim that they suffer from a “problematic shortage” of talent in cybersecurity.

Shahid Shah, the CEO of Netspective Communications, claims that there is a lot of skill shortage in different cybersecurity areas such as advanced malware prevention, compliance, IDS/IPS, identity and access management, etc.

Shah further states that by implementing AI, security firms can depend on “computers to do the grunt work and leave humans to the decision-making.”

Why AI Currently Isn’t a ‘Perfect’ Cybersecurity Solution

If AI can be used to shield our systems or networks from cyber-attacks, it is rational to expect the technology being used for more attacks. Shortly, when AI becomes more automated and developed, we might see more sophisticated cyber-attacks carried out by intelligent malware or viruses.

In fact, Endgame’s security expert, Hyrum Anderson has proved just that at the DEF CON 2017. The team demonstrated an intelligent application that can re-engineer a malware and make it undetectable to even a smart antivirus. A group of researchers was successful in circumventing the protective layers of the AI-powered antivirus with its AI-powered malware 16% of the time.

The research was conducted to show that even AI can have blind spots that could be used to compromise systems.

The demonstration Hyrum Anderson presented isn’t the only research that indicates the negative implications of relying solely on AI. In fact, another research conducted by a security firm, Cylance, predicts AI “weaponization” soon.

According to the research, 62% of security experts believe that AI-powered cyber-attacks will increase in the near future, and hence the technology will be used as an intelligent cyber weapon.

“While AI may be the best hope for slowing the tide of cyberattacks and breaches, it may also create more advanced attacker tactics in the short-term,” says Cylance.

Final Say

AI-powered systems may reinforce our cybersecurity infrastructure, enabling our workforce to detect, contain, mitigate or stop cyber threats. However, relying solely on an intelligent technology that could be molded at our will can be dangerous. Plus, an AI-enabled attack may prove to be detrimental at an epidemic level.

About Author:

Anas Baig is a Cybersecurity & Tech Writer. He has been featured on major media outlets including TheGuardian, Lifehacker Australia, The Next Web, CSO, ITProPortal, Infosec Magazine, Tripwire and many others. He writes about online security and privacy, IoT, AI, and Big Data. If you’d like to get in touch, send an email to anasbaig113@gmail.com or follow him on Twitter @anasbaigdm.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Cybersecurity, AI)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

1 hour ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

15 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

22 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

This website uses cookies.