AI: Cyber Security’s Panacea, but Also Its Biggest Threat?
Cyber-crime – phishing emails, hacking and stolen credit card details. The Internet has brought many benefits, but it sometimes seems that dangers have arisen in equal measure. The fight against cyber-crime can sometimes seem as futile as King Canute trying to stop the tide coming in. Thankfully, AI is increasingly being seen as a new tool in this battle.
With voice assistants and smart home appliances increasing in popularity, the number of Internet-connected devices in the home is growing. Offices, hospitals, factories and a host of other business sectors are seeing similar changes. The growth of the Internet of Things, or IoT, means that ever more devices are being added to business’s networks. Each device, computer and smartphone is therefore a potential entry point for hackers to undertake their next attack.
Businesses and the cybersecurity industry itself are alarmingly unprepared. The demand for experienced personnel is outstripping supply, with 3.5 million positions predicted to be unfilled by 2021. And with hackers continually creating new and innovative attacks, there is concern that no one will be there to counteract.
This is where AI is starting to participate. Algorithms using machine learning are able to learn about attacks, even adapting as the virus evolves over time. By feeding in data of previous attacks and methods, AI is able to detect intrusions in real time, highlighting them before too much damage has been done.
It is even capable of monitoring the masses of data that funnels through internal corporate networks to detect insider threats, such as disgruntled employees uploading sensitive data to file-sharing sites. The normal network behavior of employees can thereby be learned as a base line. AI detects abnormalities that may indicate if someone is accessing files that they normally wouldn’t use, flagging this up to the cyber security team.
Of course, using AI is not a panacea that will fix our cyber security challenges. For now, it is probably best considered as our optimal tool to automate protection against known attacks and variations of them. This frees up experienced personnel to tackle the complex and new approaches developed by hackers.
They are certainly not resting on their laurels either and are applying AI technology to improve the success of their attacks. The natural language skill of AIs that power automated chatbots can be used to create phishing emails with convincing content. And AI can be pitted against AI too. Attackers can use their AI tools to learn strengths of their AI opponents, developing creative new approaches that trick the AI they are trying to outwit.
For most of us, it doesn’t matter whether humans or AIs are trying to steal our credit card data. Simple application of best-practice cyber hygiene, such as using unique passwords, and carefully reviewing emails, will remain an effective method against most Internet-based threats.