AI Wars: Hackers vs Cybersecurity Pros
The modern cybersecurity landscape is like an arms race between hackers and the cybersecurity professionals tasked with keeping them at bay. Most times, it is a pitched battle for technical dominance. Occasionally, though, one side or the other will gain an advantage using new tools or techniques. Right now, both sides are fighting to see who is going to unlock the potential of one particular technology: artificial intelligence (AI).
There are already instances of hackers using AI-powered tools to launch sophisticated attacks on businesses. There are also plenty of examples of cybersecurity tools using AI to sniff out threats and stop them in their tracks. In this article we look at how AI tools are empowering both hackers and cybersecurity professionals alike in their never-ending battle.
How Hackers are Using AI
Although it is impossible to say with any certainty, it is quite likely that hackers were first to adapt AI for use as a cyberweapon. After all, they have the most to gain by its use and the least to lose. Additionally, current-generation AI is a natural fit for many of the attacks hackers favor most. Here are the main ways hackers are already using AI in their attacks on businesses.
AI-powered Password Cracking
One of the ways hackers are already using AI to help them attack businesses is through the use of AI-powered password-cracking tools. In particular, they use generative adversarial networks (GANs) that can generate password lists for use in brute-force hacking attempts. GANs use lists of actual human-created passwords to learn how users think and generate the types of passwords real people might think of. Research demonstrates that it is an approach that improves the performance of standard-issue password-cracking tools by as much as 73%.
AI-produced Spear Phishing Emails
Another common way hackers now use AI is to automate the creation of custom-tailored spear phishing emails. Unlike standard phishing, spear phishing involves the use of messages that include real information that a target might recognize or have an interest in. Under normal circumstances, hackers would only use spear phishing tactics against high-value targets since they require plenty of research about each target to be effective. An AI, however, can automate the work to create spear phishing emails at scale.
Deepfake-assisted Fraud
Perhaps the most unsettling way that hackers are putting AI to work is by creating deepfakes of real people to wreak havoc within businesses. For the unaware, a deepfake is an AI-created photo, audio clip, or video that mimics a real person. To the untrained eye—and even a trained one—they are all but indistinguishable from the real thing. Hackers have already created deepfakes to enable crypto-coin listing fraud schemes, using Binance’s CCO to lure unaware investors. There is every reason to believe they are using the technique elsewhere, as well.
How Cybersecurity Professionals are using AI
The bad guys are not the only ones who can use AI to make their work easier. Cybersecurity professionals are also using it to augment their detection and response tactics as they work to keep business data safe. Here are some of the ways they are doing it.
AI Fuzzing
Fuzzing is the term used to describe a form of application penetration testing. It is a technique used to discover vulnerabilities in software and networks before a hacker can use them to enable an attack. The trouble is that fuzzing is labour-intensive and requires a high degree of skill to perform. That is why cybersecurity firms are now using AI to do much of the heavy lifting, as it is quite adept at finding vulnerabilities and learning from the experience it gains while doing so.
It is worth pointing out, though, that AI-powered fuzzing is also something that hackers can use to identify zero-day exploits. That makes the adoption of AI-powered penetration testing tools of critical importance to businesses looking to protect their data. By identifying vulnerabilities before a hacker can find them first, businesses can take action to patch flaws and close security holes before a breach takes place.
AI-powered Realtime Threat Detection
One of the strengths of modern AI is that it is great at identifying patterns hidden within large data sets. That is why cybersecurity professionals now rely heavily on AI to spot cyberattacks as they unfold in real-time. By monitoring network traffic or access logs in real-time, AI can often spot activity that is out of the ordinary or otherwise anomalous. That provides cybersecurity professionals with an early warning so they can wall off affected systems or take action to prevent a data breach. In some more sophisticated security systems, AI might also take the lead in responding to threats by working at high speed to counter an attacker’s every move within a protected system or network.
AI-driven Spam and Phishing Detection
Cybersecurity professionals are also deploying AI-powered systems to detect spam and phishing attempts. They are serving as a vital first line of defense against some of the very same AI-powered threats detailed earlier. Ironically, AI is adept at detecting spam, phishing sites and messages, and even deepfakes—essentially anything an adversarial AI might produce. By filtering incoming messages with AI, businesses can prevent employees from having to sniff out fraudulent emails on their own.
The Winner
AI is playing an ever-increasing role in the cybersecurity sector—on both sides of the fight. However, businesses may have an advantage where AI is concerned. Since cybersecurity professionals have a clear picture of the scope of the systems they are trying to defend, they can deploy AI to shore up their weakest points. By contrast, hackers typically don’t know what vulnerabilities they will find within a given business, which means they often approach their targets from multiple angles at once. Therefore, if businesses take a proactive approach to the use of AI as a means of defending their digital systems, they stand a good chance of staying safe.
Of course, Outsource IT can help with those efforts. We employ a wide array of cybersecurity tactics aimed at leveraging the latest defensive technologies to keep hackers at bay. Contact an Outsource IT account manager to learn more.