Can AI cyberattacks be thwarted only by AI cyber defense solutions? Here’s a self-evident pitch from an AI-cyber defense expert.
Today, cyberattacks stand among natural disasters and climate change in the World Economic Forum’s annual list of society’s gravest threats.
As virtually every part of society has embraced the Internet, cybercrime has evolved from the realm of academic research to be part of a global marketplace of professional hacking services. With key nation-state players in the mix, no country is immune.
For the Asia Pacific region (APAC), the ramifications of the coronavirus pandemic have created a cyber landscape of hyper-change. The global health crisis has significantly changed the dynamics of this year’s upcoming holiday shopping season, and the region is now the world’s largest e-commerce market.
With this trend come significant changes for retail businesses in defending against web skimming of customer details and fraudulent emails targeting digital payment channels. Attackers understand the e-commerce market extremely well, and with operations running 24/7, will look to deploy ransomware to disrupt operations at peak times.
According to Darktrace’s most recent analysis, attacks against such virtual collaboration tools have increased by 300% across APAC businesses compared to pre-pandemic levels. The attacks range from insider threats, attempted data exfiltration, and even advanced zero-click attacks that can automatically infect an enterprise without any involvement from unwitting employees. This indicates that sophisticated attackers and even nation-state actors are attacking businesses’ rapidly changing digital infrastructure wherever and however they can.
What is more, it has been reported that across APAC there is a cyber-skills shortage of approximately two million workers, highlighting how stretched businesses are for both time and resources. This gap can only be filled by cutting-edge AI that augments human capabilities, optimizing the working relationship between human and machine brains.
Ultimately, adversaries ultimately think like enterprises, and if they can find a way to scale up their attacks, they will do it. Attackers themselves are set to capitalize on machine learning to deploy malicious algorithms that can adapt, learn, and continuously improve to evade detection. This signals the next paradigm shift in the cybersecurity landscape: AI-powered attacks.
We can expect offensive AI to be used throughout the attack life cycle: from crafting contextualized spear-phishing emails at scale, to speeding up the exfiltration of sensitive documents from compromised digital environments. A recent study uncovered how 88% of security professionals expected AI-driven attacks to be inevitable, and close to half of them saw this happening in the next year.
Already a significant attack-vector in Asia-Pacific, supercharged impersonation attacks will become more common as AI is used to automatically generate spear-phishing emails that expertly mimic the writing style of trusted contacts and colleagues, and even to create deepfake videos designed to confuse people and spread disinformation.
Ransomware will also be supercharged, and attackers are likely to develop more advanced capabilities that are designed to disrupt critical national infrastructures at lightning speed.
However, offensive AI prototypes are now being tested against defensive AI, mimicking what we expect to see happening soon in the real world: AI combatting AI in what is essentially a battle of algorithms. Cyber AI defenses are grounded in the philosophy that information about yesterday’s attacks cannot predict tomorrow’s threats.
Powered by unsupervised machine learning, defensive AI is equipped with a dynamic understanding of every user and device across the network and uses this evolving understanding to detect subtle deviations indicative of emerging attacks. APAC is at the cutting-edge of innovation and many government institutions as well as private sector businesses are already using AI to fight cyberattackers.
AI systems granted autonomous rights can even act on behalf of human security analysts, eroding the worry of what will happen when an out-of-hours attacks. Internal security investigations can now be entirely performed by AI that autonomously undertakes cyber-threat detection, response, and analytical heavy-lifting, rapidly churning through all threat contexts and putting the puzzle pieces together into a human-readable report.
The future of autonomous AI
When the major leap in attacker innovation and capability inevitably occurs, detection, investigation, and response must be conducted with the speed and scale of machine brains. The reality is that traditional security controls are already struggling to detect novel and advanced attacks such as zero-day malware; new command and control domains; or highly-convincing spear-phishing emails.
As businesses across APAC enter into the newly-supercharged battleground for control of digital infrastructures, propelled by a host of 5G architectures and Smart City connectivity initiatives, with AI defenses they will be both prepared and ready to fight back at machine speed.
In an emerging global cyber battleground, only AI can fight AI.