- Tobiáš Trnka
Artificial intelligence (AI) – the perfect tool or a double-edged sword?
Like any modern field, the field of cyber security must inevitably "follow the trend" - and one of the biggest trends in recent months is artificial intelligence, its use and making it available to the public. For example, the popular ChatGPT was tried by more than 1 million users a week after its launch on 11/30/2022, and this number grew more than a hundredfold by January 2023. But how does the meteoric rise of artificial intelligence translate into the world of security risks?
Let's look at the bright side first. Various AI capabilities such as machine learning (creating a model based on sample data and using it to make predictions or decisions) today give us the ability to work with quanta of data that would take humans a disproportionate amount of time to analyze. Artificial intelligence can therefore not only detect unusual patterns of behavior or weaknesses in large networks, but also predict potential threats before an actual attack occurs. AI can also help create secure systems with intelligent security rules that are able to automatically respond to new threats. Such systems can then easily perform security audits and monitor network activity. (more information on how machine learning can be used, for example inthis article)
Artificial intelligence can be a very good helper even in the "ordinary" automation of certain tasks, thus saving time and resources. According to an analysis by IBM Security, in 2021, teams using AI took nearly 14 weeks (99 days) less to detect, respond to and “recover” from a cyber attack than teams that were not using AI.
Unfortunately, all that glitters is not gold – and equally, not every aspect of AI is positive, and this is doubly true when it comes to cybersecurity. Unfortunately, there are many ways AI can be misused to attack secure systems.
An easy way artificial intelligence can be misused, is to let it create DeepFake videos to spread disinformation or Phishing. A great – and chilling example – is when hackers extorted £220,000 from the CEO of a British energy company by DeepFake a voicemail from his "supervisor" (the full story is described here. The use of the aforementioned Chat GPT is also very popular in this field. This tool can be used to create email messages used for Phishing - very efficiently and with minimal effort. Likewise, AI can be used to create fake profiles and accounts that try to obtain sensitive information from users or to defraud them.
Another example is Malware using artificial intelligence. Such Malware is capable of "learning to think for itself", i.e. adapting its course of action to the situation and targeting the systems of its selected victims individually, unlike "regular" malware which targets a large number of people with the intention of successfully attacking a small percentage of them. Already in 2018, IBM was able to create Malware called "DeepLocker" to demonstrate the existence of such a threat. (more about DeepLocker for example here)
Last but not least, the ability of "machine learning" can easily be turned into a security risk. AI, thanks to its ability to analyze large amounts of data, can detect security flaws in the system. So if used by an attacker, it can be taught how to break security and cause damage.
So most AI features that can make our daily lives easier can just as well be used against us. Overall, AI poses a cybersecurity challenge and must be treated as such – like a sharp knife that not only cuts easily, but also cuts you easily.
