Cybercriminals are constantly coming up with new strategies to circumvent the security measures companies put in place to stop them.
This creates a perpetual arms race that seems destined to rage for as long as there are computer systems that contain valuable data worth compromising.
The emergence of Artificial Intelligence (AI) opens up opportunities on both sides of this conflict. Let’s look at how hackers might leverage this technology and what security specialists can do to fight back.
Building momentum with brute force attacks
Hackers can make tens of thousands of dollars each month from their nefarious activities. So the incentive to keep attempting to crack into heavily protected systems and services is enormous.
One way of doing this is purely via brute force guesswork, with crooks leveraging software to unpick passwords, filtering out millions or even billions of possible combinations of letters, numbers, and symbols to arrive at the right one.
Brute force hacking is being streamlined with the help of machine learning. Much like legitimate big data projects, hackers have been scrutinizing databases of illegitimately acquired user passwords and using their findings to predict passwords that are in use elsewhere. Machine learning helps the attacker generate passwords similar to existing ones, significantly increasing the success rate of brute force attacks.
There are various ways for organizations to defend against this type of attack, such as insisting on strong, random, and regularly changed passwords, implementing multifactor authentication, and relying on an access control compliance report to ensure policies are being adhered to.
Eliminating legwork with automation
Another important aspect of AI in a cybercrime context is its ability to automate labor-intensive tasks and enable small teams to control vast infrastructures of compromised machines, creating and facilitating botnets that can take down all sorts of targets.
It is not just about implementing attacks through automation but also using smart software to identify the best targets, seeking out vulnerabilities, and preying upon them more efficiently.
Security researchers are doing their best to deflect the DDOS-style attacks, which are being made simpler with the assistance of automation. And indeed, automated security solutions are providing protection on the other side of the battle, shrugging off the malicious interference without relying on people power above all else.
Exploring the potential for AI-enhanced malware
Malware and viruses are nothing new, but what makes them manageable from a security perspective is that once they are out in the open, security researchers can find ways to patch the weaknesses they exploit and prevent them from causing further harm.
The danger that experts are most concerned about at the moment is for cybercriminals to develop self-learning malware that has machine learning built into its bones.
This would mean that if a machine were infected, the malware would behave like a biological virus, mutating as it learns to sidestep defenses and cause harm long after its inception, without the original programmer needing to tweak it manually.
The good news is that for the time being, such malware does not truly exist, even if it is something that hackers are almost certainly working towards. It is up to security specialists to account for this threat in their ongoing work and create tools to tackle intelligent malware as and when it emerges.
Looking to a brighter future
While hackers can undoubtedly profit from the use of AI to enhance their operations, the same tools and technologies are also in the hands of the good guys.
As such, for the average internet user, there is no need to be overly concerned about what the future holds from a cybersecurity perspective. Stay in the loop about the latest news on this topic, stick to best practices for staying safe online, and you should be fine.