In the modern age of digitalization, the world around us continues to welcome technologies, such as artificial intelligence and machine learning that have made some inherent changes in the way we live. A decade ago, even the mere thought of ‘talking’ to a machine might only have been limited to the plot of a sci-fi movie- in 2019, however, Apple’s Siri and Amazon’s Alexa bear witness to how far we’ve come.
As far as AI is concerned, individuals, enterprises and organizations are all currently riding the AI wave. Even if you wanted to, it’s practically impossible to escape the influence that AI has- from governments using facial recognition AI to authorize identities, to companies relying on AI for cybersecurity- the applications of AI integrated into the modern world are endless.
Having said that, however, as AI applications and programs grow in sophistication and become increasingly “human-like,” cybersecurity researchers and analysts are starting to think that if AI is a blessing or a curse. Unlike jumping on to the AI bandwagon without so much as a second thought, these cybersecurity specialists are scrutinizing AI’s disadvantages (yes, they exist) as well.
Similarly, in this article, we’d like to tread on uncharted waters- and talk about AI’s dark side, and the dire threat it poses to the fragile state of global cybersecurity. Perhaps the critical importance of the situation can be expressed in statistics which amount the cybersecurity market to a whopping 300 million dollars.
Before we can get into the disadvantages and probable threats that AI poses to cybersecurity, we’d like to make one thing clear. This article, in no way, attempts to downplay the grand scale of betterments AI has brought to modern-day society, which even includes certain applications that help detect cancer early, with estimates predicting that AI could help save up to $100B of annual medical expenditure.
Having said that, however, the fundamental technology behind AI leaves a lot of room for manipulation and exploitation, which is where the dreaded term ‘cybercrime’ comes into play. With each passing day, as AI increases in sophistication, so does cybercrime.
A shocking trend that’s been seen with recent cybercrimes, is that more and more cybercriminals are turning to advanced AI-centric methods to perform complex attacks, breaches, identity theft usually targeting small businesses and enterprises. Individuals should be well aware of how to prevent such situations. Like to secure themselves from identity theft they must adopt the best identity theft protection services.
In addition to the use of AI to launch complex social engineering attacks and data breaches, there’s also the existence of ‘Deepfakes.’ If you weren’t already aware, deepfakes refers to the use of AI to superimpose an individual’s face or voice over another, which leads to the creation of fake videos of politicians saying things you’d never expect them to. It should also be mentioned that one of the most prevalent uses of deepfake technology is to create non-consensual pornographic videos of women, in an attempt to humiliate or harass them.
In addition to the looming threat that deep fakes pose to women and men- the deep fake technology can also be used to commit crimes, simply by imitating a person in power. A recent, noteworthy example is when cybercriminals imitated CEO’s voice, and then commanded a cash transfer of €220,000, which speaks volumes of the advancements made in the fields of AI, albeit with negative connotations.
In the CEO voice imitation scam, the cybercriminal imitating the CEO made the call to the head of a UK-based energy company and requested the urgent cash transfer to be initiated within the hour. According to the caller, the money was immediately required to be sent to a Hungarian supplier, which led to the head initiating the transaction and falling into the impeccable trap laid down by the scammer.
In retrospect, the scam baffled many cybersecurity specialists, since the grand scale of the crime opens up new AI avenues for other cybercriminals to prospect, therefore increasing the need for more vigilant and robust cybersecurity
Up till this point, we’ve only discussed the impact that the exploit of the AI technology has had on the cybersecurity so far, without taking into account the havoc the misuse of AI can wreak upon the future of cybersecurity.
With the ever-expanding Internet of Things (IoT), more and more devices are getting linked on to a single network, which increases the entry points for hackers to break into. With the use of a single AI application, bad actors could cause a huge level of damage, simply by breaking into and altering a car’s GPS system.
As the number of online activities that corporations rely on grows in number, the risk of a possible breach increases exponentially, particularly if you throw deep fakes and AI-centric social engineering attacks into the mix.
Perhaps even more alarming is the dire state of cybersecurity is in currently, with Juniper Research reporting that the damage caused by security breaches will rise from $3 trillion annually to a whopping $5 trillion by 2024, which amounts to annual growth of 11%. Combined with the fact that the increasing sophistication of AI, the discoveries made by Juniper Research raise some alarming questions.
Moreover, it should also be mentioned that the integration of AI into cybercrime isn’t limited to the exploitation of sensitive data from companies and enterprises, the technology can also be used to foster and propagate cyber-warfare. If you didn’t already know, cyber-warfare refers to the disruption of another country’s systems and functions through sabotage, exploitation and data theft. Add the misuse of AI into the mix, and you’ve got a recipe for complete disaster.
We’ll admit it. So far, everything we’ve said is enough to frighten the best of us. However, despite the bleakness surrounding the misuse of AI above, there is still hope. And surprisingly enough, that silver lining is artificial intelligence too.
The most significant step that companies, enterprises, and individuals can take to combat the persistent threat posed by the manipulation of AI is to formulate an AI-driven response, similar to the approach that cybercriminals take while launching AI-based attacks and breaches. Simply put, the only correct way to fight AI is with AI.
When integrated into an organization’s security infrastructure correctly, AI has the potential to virtually change the cybersecurity landscape. Not only can AI expand the reach of a cybersecurity analysis, but it can also detect anomalies in the network or system, and come up with solutions, based on the data the security team feeds it. An example of the successful integration of AI in perpetrating cybercrime is when Google stopped a staggering 99% of spam emails through machine learning.
At the end of the article, we’d like the reimburse what we said before- to fight the bad guys, you’ve got to learn their ways. Having said that, however, an enormous amount of responsibility lies in enterprises to ensure that AI isn’t being misused from their side of the spectrum. Moreover, the corporate sector needs to realize the potential that artificial intelligence has, and amalgamate that potential into their cybersecurity infrastructure.