It’s no secret that big data and the Internet of Things have led to massive connections in our lives and work. We have smart thermostats. Many people use FitBits. Google’s Alexa continues to move into plenty of homes. Our world depends on machines talking to each other. Their language is data. The amount of data is growing beyond the ability of human management. As this continues, we’ll rely more on artificial intelligence to coordinate how the IoT works.
Time for an uncomfortable question: With compromised AI, what do we do? I’m not talking about some science-fiction 2001: A Space Odyssey scenario. This is about the kind of large-scale cyberattacks that have become commonplace. Think about what we already know about technology:
- Any technology can do good or bad things for and by its user.
- If someone stands to profit from it, the chance of technological use for ill skyrockets
- We have serious cyber security problems at both the consumer and enterprise levels.
What will be the impact of our increased reliance on AI?
Could a Malicious AI Trick a Human?
One of the hardest cyber threats to protect against is the use of “social engineering”. This can gain entry into a targeted system. In other words, a hacker can trick a user into giving code access to a protected network. It’s easy to do. A hacker pretends to be an IT support engineer online, asking users to share their passwords.
As AI gets better at social interactions, it will help hackers to automate their attacks. Imagine an AI handling customer support calls and other interactions with humans. That means that its programming can trick humans into damaging their own data. Users would download malicious code or share security credentials. They would be unaware that an AI had misled them.
This would raise the number of attack attempts significantly. The result is greater automation of the hacking process.
“…As artificial intelligence (AI) systems become more capable, we will begin to see more automated…social engineering attacks. The rise of AI-enabled cyberattacks is expected to cause an explosion of network penetrations, personal data thefts, and an epidemic-level spread of intelligent computer viruses.”
Note the words “explosion” and “epidemic” (emphasis mine). If you think the current hacking situation is bad, just wait. It’s going to get worse. Also, consider our reliance on AI to help manage the IoT. Suddenly, the situation seems even more worrisome. The hardest part of cybersecurity becomes harder. What do we do?
Fight AI with AI
Good news! AI can combat AI-facilitated attacks. For example, phishing attacks are often used to gain access to corporate secrets. HR managers have to daily accept files from outsiders and are often targeted the most. A skilled IT Security professional can exploit this. An AI system inside the network can learn to identify the HR manager’s access habits. It will look for anything the manager does that seems out of the ordinary. Then the AI can use that information to its advantage.
If an HR account is accessing data is never has before, that’s a bad sign. It usually means that the network has been a victim of a hacking. The phishing attack was successful. But there is a twist! Once the AI learns these patterns, the same attacking program can now foresee threats.
The AI Cyberattack Threat Is Serious
To be clear, technology can attack but can also defend. You have to make sure you’re taking the arms race seriously. This also means training and educating your workforce to prepare for social engineering attacks. Take a close look at any weaknesses in your IoT infrastructure. You must secure these spaces from AI-based cyberattacks.
Interested in reading more about the latest tools and strategies for cybersecurity? Take a look at our Cybersecurity resource hub. If you have more specific questions about securing your systems, contact us.