AI has disrupted traditional business practices from customer support through to fraud detection. Unfortunately, every legitimate use of technology has a flip side. We can expect the bad guys to start using AI too, creating a wave of machine learning-powered cyber-attacks.
AI-based attacks are still relatively rare, but they have lots of potential to grow. Its key benefit is automation. Machine learning is good at small, repeatable tasks that have traditionally been restricted to humans, which is why people use it for everything from reviewing loan agreements through to sorting cucumbers. However, it can also be used for nefarious purposes.
One example is during the reconnaissance phase of an attack, where AI can scour social media to find what potential targets are talking about, and what kinds of language they use. ZeroFox even wrote a tool called SNAPR that used machine learning to do this.
AI also has the potential to automate intrusion techniques by launching attacks at unprecedented speed. After automatically profiling multiple targets’ communications patterns, it could launch artificially-generated phishing attacks that mimic them. If you got an email supposedly from your boss that emulated their writing style and even used some pertinent information such as a key client name, wouldn’t you be more likely to open it?
AI-powered malware could also move more easily through an organization by using machine learning to probe internal systems without giving itself away. By analyzing network traffic, it could more easily blend its own communications into other communications happening on the network, hiding itself in plain sight.
Malware could also shield its true intent. IBM’s DeepLocker proof of concept malware used machine learning to trigger its payload when it identified a particular user via facial recognition.
Most attackers these days still rely on old tricks like embedding malicious files in macros because they still work, but as companies harden their infrastructures against attack and as cyber-criminals strive for more profit, AI promises to drive more efficiencies into attacks and enable them to execute at unprecedented scale.
Preparing for these attacks now will take a multi-disciplinary effort, ranging from better cybersecurity awareness training through to the use of zero-trust mechanisms and network segmentation techniques that make it harder for an AI-powered attack to spread. AI attacks promise a step change in attack volume and velocity, making it more important than ever for defenders to raise their game.
