Can Artificial Intelligence be used in cyber-attacks?

Confira neste artigo

The answer is so affirmative that artificial intelligence (AI) is already at the center of major cyber-attack concerns. This is interesting, because while AI is becoming a threat, it is also important for cybersecurity.

What we actually have is artificial intelligence being incorporated into a range of security products and services. This is how we try to prevent cyberattacks, but in the meantime technology can also introduce new threats.

Artificial intelligence: hero or villain?

At the famous Black Hat security conference, security company SparkCognition unveiled the first “cognitive” antivirus system based on Artificial Intelligence (AI), called DeepArmor.

DeepArmor aims to protect networks from cyberattacks by combining AI techniques, such as neural networks, heuristics, data science and natural language processing, with antivirus to locate and remove malicious files.

This brings us to a big question: what happens when cyberattacks are designed on the basis of artificial intelligence? The same technology that protects has the potential to attack, that’s the reality.

To understand this possibility, just remember the concept of AI. In short, artificial intelligence is the simulation of human intelligence processes, but carried out by machines.

These processes include learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definitive conclusions) and self-correction.

Current examples of AI demonstrate the ability of this technology to adapt to different circumstances. There are various techniques and tools for this, for example:

  • Machine learning;
  • Deep learning;
  • Natural language processing;
  • Among others.

Artificial intelligence can be used to protect us, but it also makes us think about various cybersecurity threats. After all, nothing prevents criminals from using AI for malicious and potentially risky purposes.

Artificial intelligence and its evolution

As far as the market is concerned, artificial intelligence is booming. You should already be aware of how this advanced technology is being applied in different sectors.

It integrates the strong digital transformation currently taking place and new products and services that emerge every year. This increases the expectations of companies that invest in its application.

In practical examples, we see industry evolving its production processes based on automation integrated with AI. This way, better quality products are generated and production costs are considerably reduced.

It is also worth highlighting the application of Artificial Intelligence in the digital market. We have consumer chatbots in customer service and support and virtual assistants associated with the Internet of Things, promising a major revolution in the coming years.

On the other hand, as the capacity of Artificial Intelligence increases and becomes more powerful, it is possible to foresee an expansion of virtual threats and attacks at the same time.

As attackers acquire technical knowledge, they will create vulnerabilities using artificial intelligence, introducing new threats. In this way we are led to a certainty about the efficiency of cyber attacks.

Evidence of cyberattacks highlights the need to be prepared

There is a silent war going on and it revolves around cybersecurity.

Cyber attacks on strategic government sectors such as power stations, air traffic control and transportation systems are nothing new. So they should already be preparing.

The website HACKMAGEDDON is constantly publishing statistics on cyber attacks. June’s figures show that 12.5% of attacks include espionage cyberattacks, which can include governments. In addition, 84% of the cases had only criminal objectives. See more in the graph below:

https://i2.wp.com/www.hackmageddon.com/wp-content/uploads/2018/07/June-2018-Stats-Featured.jpg?resize=800%2C445&ssl=1

Figure 1: Cyberattacks June. Source: hackmageddon

The vulnerability of strategic sectors shows the need to increasingly protect and monitor control systems connected to the Internet.

The potential for these attacks has been growing for several years. After all, more and more systems are being connected and new technologies such as artificial intelligence are emerging.

This concern also applies to companies in strategic sectors, since it increases the risk of cybersecurity for infrastructure that is considered critical.

It is important that companies actively monitor and protect their data networks and management and production solutions. In addition, an important aspect of this concern is having complete visibility of IT assets and their security risks.

HSM Moderno
 

Is the use of cryptography at risk with artificial intelligence?

As we already know, encryption is one of the main foundations of the Internet. It allows the reliable exchange of information between two entities on the web, as well as protecting the identity of people online.

Without this technology, financial institutions wouldn’t be able to transfer money online and companies wouldn’t be able to share documents over the Internet. In addition, there are several other examples of the applicability of encryption technology.

Unfortunately, encryption is under attack, and not just today, especially thanks to artificial intelligence. Attempts to override its complexity range from backdoors to algorithms that try to “break” the encryption in order to access confidential data.

Artificial intelligence is yet another threat to the systems that are considered secure and that guarantee millions of financial transactions around the world.

With artificial intelligence applied to cyberattacks, is the world lost?

We don’t have to go very far back in our history to remember the cases in which technological advances have served both good and evil.

The great danger in this rapid evolution of technology lies precisely in its speed. This shows that it will take proactive initiatives to stay ahead of cybercriminals.

The first steps to be taken in preventing virtual attacks using AI will be to invest in security policies and encourage research and development.

In this way, the main aim should be to create research institutions, developing publications and sharing schemes. Always aiming to promote safety, as well as a culture of responsibility through norms and standards.

It will also seek to develop technological and political solutions to build a safer future with AI.

There is also a need to implement specialized and dedicated groups that integrate government and private initiative in the formal verification of threats, in the disclosure of AI vulnerabilities and in security tools and secure hardware.

Artificial Intelligence will also protect us from cyberattacks

Although we have a worrying scenario with the potential use of artificial intelligence in relation to cyber-attacks, it is worth remembering that it will also be used to our advantage.

The risk is there, but experience also shows us that we need to do our bit. As you’ve already seen, AI has the potential to protect us, as well as bringing numerous benefits in various areas.

The strategy to be used is a continuous security approach. After all, there will always be risks and organizations need to be able to deal with them, reducing this risk to a manageable level at all times.

In addition, we mustn’t forget the importance of cybersecurity professionals in all this evolution, the tools, policies and processes applied to data security and the prevention of attacks.

Industry and government must do more to raise awareness of the cyber security profession, as well as the policies and good practices to be used in preventing and dealing with incidents.

There is a lot to be done and, as with other threats, this text suggests a constant search to guarantee the security of information for companies and their users.

Subscribe to our newsletter and stay up to date with Eval news and technologies. Keep following our content on the blog and our Linkedin profile.

About Eval

A Eval está há mais de 18 anos desenvolvendo projetos nos segmentos financeiro, saúde, educação e indústria. Desde 2004, oferecemos soluções de Autenticação, Assinatura Eletrônica e Digital e Proteção de Dados. Atualmente, estamos presentes nos principais bancos brasileiros, instituições de saúde, escolas e universidades, além de diferentes indústrias.  

Com valor reconhecido pelo mercado, as soluções e serviços da Eval atendem aos mais altos padrões regulatórios das organizações públicas e privadas, tais como o SBIS, ITI, PCI DSS, e a Lei Geral de Proteção de Dados (LGPD). Na prática, promovemos a segurança da informação e o compliance, o aumento da eficiência operacional das empresas, além da redução de custos.  

Inove agora, lidere sempre: conheça as soluções e serviços da Eval e leve sua empresa para o próximo nível.  

Eval, segurança é valor. 

Sobre o(s) autor(es):

Autor