In the game of cybersecurity, humans are the weakest link and usually the cause of unwanted breaches. Even highly educated and influent individuals can become unsuspecting targets of cyber-attacks, due to a lack of vigilance and taking security matters too lightly. Until now, this war was mainly human versus human. Things are about to change with the introduction of AI as the future of cybersecurity. It will soon be a challenge of super-computers against each other, much like it already is in the world of automated trading.
Challenges of cybersecurity
Human nature
The biggest threat to cyber security at this time is the careless nature of people towards passwords. The complexity of currently available algorithms would take years of continuous work by computers to break through brute force. However, users jeopardize their online safety by using simple passwords such as “123456” or their pet’s names. Most users release a significant amount of personal data through social media every day. It could take seconds for an algorithm powered by AI to break into sensitive accounts by leveraging user-generated content, freely available online.
Although awareness about cyber threats is high, there has been no notable change in the behavior of people, leading to better protection. We are afraid of hackers. Still, we cannot resist the curiosity of opening an e-mail or attachment that look suspicious. AI is learning more and more about such behaviors and, in the wrong hands, could produce seductive title lines, almost impossible to ignore. Pair this with the ability to mimic a trusted sender, by studying your closest friends circles from social media, and you have a recipe for large-scale disaster.
IoT is not secure
If our carelessness is not enough, through IoT, we are inviting hackers in our living-room, possibly through our HVAC. An increasing number of households are adopting the convenience of devices controlled through the Internet, without worrying abut the possible intrusions and security breaches. However, these devices are gathering and generating impressive amounts of data. In the wrong hands, the patterns could reveal behaviors that could compromise our personal security.
AI can learn about your preferences and be as welcoming as a 50’s housewife, yet it can be a threat to your family’s security. If a hacker can control the devices in your house, you are not enjoying the privileges of a modern life, but starring in Big Brother. Be sure to check the list of permissions you are granting each app you install to control different devices. Think if you would allow a real human, such as a house-maid, the same permissions. The list includes viewing photos, listening to conversations or saving personal messages.
Solutions for Cybersecurity
AI poses threats, but it also offers solutions. On the Iflexion blog, it was described as a two-way street, involving the most brilliant minds on both sides in a cat and mouse game.
Automate tasks with AI
The first use of AI is to automate time-consuming tasks related to security. An increasing volume of communications and gigabytes of information which are being created every second make it impossible for humans to detect threats in due time. The new approach is to build algorithms and train them using existing historical records of attacks. Hopefully, the algorithm will not only be able to detect current attacks but even get predictive capacities. The explanation resides in pattern analysis and correlating the behavior of individual IP addresses with malicious intents.
The need for automation is huge, as the current cybersecurity specialists are soon to be overwhelmed by the amount of work coming their way. Currently, there is an imbalance between the existing number of cyber experts and the number of hackers. Employing machines for this job will decrease costs and increase accuracy. There is currently a shortage of experts. The solution is to automate the tasks, or the problem will become even greater in the next few years. Even if AI is taking on the repetitive part of the work, scientists still need to develop new algorithms and calibrate machines.
Educate & Protect
Isolating computers from the network is not a feasible solution. The only possible response is to define and impose new safety standards. Training all employees who use a computer on minimal network safety standards should also be on the list. Attackers make their way in the systems through vulnerable parts, backdoors and when there is no protection in place. To give an example, ransomware attacks and personal privacy intrusions are some of the most dangerous current types of cyber-crime. With a sophisticated AI system, such a trojan or virus could become very threatening. It learns what are the most important types of files and will demand increasing amounts, correlated with the information sensitivity.
“Compliance is the new security.” Make sure your organization follows established best practices and that you define your rules. Asking for the advice of a cybersecurity specialist can help the company develop a set of rules to follow to avoid leaks.
Harnessing the power of AI for the good and designing algorithms that feed on big data produced by the organization to protect it instead of opening it up to future attacks. The best thing about AI is that its learning capacity is similar to a child’s. The more you tell them, the more they know.
Conclusions
Starting with the Enigma machine, the dance between encryptors and decryptors has been a tight one. AI is taking this to a whole new level. Organizations will compete against hackers on multiple levels: infrastructure, algorithms and reaction time. The goal is to change from minimizing the threat to eliminating the threat. The prediction for the future is that people will focus more on thinking about algorithms. Daily tasks will be machine versus machine; it will be a significant shift in data security, from operational to strategic thinking. As computers become more intelligent, any breach can cause the organization’s system to become an open book.