What if Artificial Intelligence (AI) could be used to power future malware? Could cybercriminals launch “AI-powered cyberattacks” with crippling consequences to both industries and individuals? Can AI be used as a tool for the attackers?
We explore all of these questions and more in a new white paper titled “Can artificial intelligence power future malware?” The white paper is a technical look into one of the industry’s most talked about topics, AI and Machine Learning (ML) while examining a variety of themes including how cybercriminals could employ AI in their attacks on mobile environments, IoT or even in targeted scenarios.
Within the white paper, we further highlight how AI and ML is often misunderstood and present results of a survey conducted with leading research company OnePoll. Nearly 1000 IT decision makers in the US, UK and Germany were questioned about their perceptions and concerns about AI and ML in the context of cybersecurity.
Interestingly, two-thirds (66%) of the respondents agreed that new applications of AI will increase the number of attacks on their organization and even more thought that AI technologies will make the threats more complex and harder to detect (69% and 70% respectively). On the other hand, large portions of the IT decision-makers in the poll believed that AI and ML would help them detect and respond to threats faster (80%) and help them solve cybersecurity skills shortages in their workplaces (76%).
Why the hype around AI?
Running a quick search for the term “AI” yields nearly 2.2 billion results so it’s quite easy to see why the AI topic is gaining traction in both the media and in the business world. It could very well be due to the ambitious promises and benefits AI promises to deliver upon, ranging from the complete automation of processes to solving the most complex issues facing multiple industries. Whatever the cause of AI’s rise in popularity, we believe that there are real implications for businesses related to the hype around AI’s promoted, albeit unattained, advantages.
In our survey, we found that 82% of IT decision-makers believe that the cyber security product implemented in their organization uses machine learning. Of the rest, 53% declared their organization is planning to implement such a solution in the next 3-5 years. The white paper, also details how supervised, unsupervised and semi-supervised learning algorithms work in cybersecurity, while also addressing some of the limitations of this technology.
Use cases for AI in malware and targeted attacks
Finding new vulnerabilities to exploit, concealing malware on a victim’s network or combining various attack techniques are all manners in which malware developers could use AI for their own purposes. Targeted attackers could potentially leverage AI in a way that allows them to identify whether a specific security solution is on the target’s network in order to determine how to proceed with their attack. We also report on additional use cases, tactics and techniques which cybercriminals may employ and that IT security teams should be aware of.
This white paper examines one of the most talked about topics in the cybersecurity industry and is essential reading for those in the industry as well those interested in learning about ML and AI.