AI & cyber security - should I be concerned?

There’s a lot of buzz about AI these days. This is not that strange, as AI is a fast-emerging technology, but we’ve already seen it used to support or carry out cyberattacks. You might be wondering to what extent your organization should be concerned about AI. To answer that question, let’s first look at what AI is about and its current limitations. 

The development of AI 

I remember back in the early nineties when I was playing computer games on my first computer, which was a legendary Atari 520STFM with an impressive memory of 512 KiB and 16 colors depth. There was a soccer game called Sensible Soccer - maybe some of you have played it. Anyway, when playing against the computer, it looked like the players had minds of their own, as they were capable of outplaying a human. Was this a simple form of AI making those players run around, or was it just a computer playing soccer? If you ask the game creators, they actually call it AI, and I recommend reading this interview with them.  

Another interesting example, more related to cyber security, is spam filters, like the “mother” of all spam filters, SpamAssassin. SpamAssassin has been self-learning since 2003. The more data fed to the spam filtering engine, the “smarter” it becomes. Is this AI that has been used within cyber defense for over 20 years?  

1997 is a year to remember, as it’s considered a milestone for AI. This was the year the IBM Deep Blue played a six-game chess match against the world champion Garry Kasparov. Deep Blue won two games and drew three. Its victory is considered a huge milestone in the history of AI and you can read books and watch movies about this historical event. 

So why the AI buzz today? Well, computers are now faster and can process enormous amounts of data faster. This has made AI available to the public, and as a result, we see AI used in more tools, products, and services we use daily - and AI capabilities will continue to grow rapidly.

When does AI become AI for real?

One of the major limitations of AI is that it’s still single-tracked, meaning that it operates within one area at a time. It can drive a car, answer questions, write lyrics, create an image or video, or analyze source code to find security flaws. Basically, the AI exists within one software and serves one purpose at a time.  

I belong to the group of people who believe that AI's major benefit will come when it can operate across multiple systems, software, and platforms. While so-called software agents are in development, their purpose is to expand AI over many different areas and make it semi-multi-tracked. These agents are in very early development, and the question remains if they will ever be useful before AI has a higher level of intelligence. 

Does AI become AI for real only when it reaches this higher level of intelligence, able to draw conclusions, reflect, and make decisions like people do? 

AI and cyber security  

Cybercriminals are already using AI to cause damage, but it can also be used to protect your organization from such damage. As long as AI stays single-tracked, however, it will not revolutionize threats or protection. 

How is AI threatening your organization today?

There are a few areas, but they are quite few: 

1. To find weaknesses and flaws (vulnerabilities) in code, software, and systems. 
2. To create content used in social engineering, like phishing attacks. 
3. To impersonate a person (using text, voice, and video) to access information or cause damage.

In each area where cybercriminals operate, they can use AI to cause more damage to organizations faster than previously possible.

Penetration testing as an example:

Some might say that computers challenge penetration testing consultants' work, but this is far from reality, as humans can draw conclusions and make assumptions in a way that no AI can today. Humans can also work over many different systems, software, platforms, and physical locations, a clear impossibility for today’s AI.  So, for now, AI is not comparable to what a human and human brain can achieve.

Conclusion about AI cyber threats

Many will try to benefit from new trends and technology, some (like cybercriminals) in a more destructive way and others less so. AI is no exception. Currently, there are just a few concrete threats to be aware of, but they pale in comparison to other threats your organization should protect against. But, the situation will change gradually. Keeping up with the AI development is key. It will help your organization to take the proper actions as AI develops. The day AI develops consciousness and/or can operate within different areas and systems, we will all face a major and new type of challenge.  Anyway, cybercriminals already use AI to be more "productive". So, if protecting your organization is not a top priority today, it must be in the future. Act now - start being proactive!