If you believe that human actors pose the greatest risk to cyber security, the following sentences will surely shake your core beliefs. Granted, that till date most malicious activities have been carried out by human pawns but change is coming. Artificial intelligence (AI) has been a real blessing for humans since its discovery. Its complex problem solving skills has been nothing but a positive for mankind. However, there is a very real danger of it being used for malicious intent.
Cybersecurity had a harrowing year as incidents tripled and quadrupled. The shutdown of critical infrastructure like the Colonial Pipeline in the United States or the illegal access of SolarWinds’ Orion software which compromised sensitive data are just two examples. These incidents show that it is not easy to keep certain actors at bay. Now add AI-enabled devices to mix and a very frightful picture begins to be painted.
We, at WebSecure, a vulnerability assessment, have followed such developments with great interest. Although there is limited evidence that AI is being used for such actions, it pays to stay one step ahead. In the worst-case scenario that such acts are taking place, being prepared will enable some form of defense to be mounted. Vulnerability assessment scans will have to be tweaked accordingly to identify such intrusions mounted by AI and process them accordingly.
An effective way to tackle such developments would be to integrate AI into cyber defenses. AI has the inherent weakness of being rife with vulnerabilities. Despite upgrades and safeguarding loopholes, the very nature of AI makes it susceptible. Machine learning, which is the basis on which AI systems are built, is very vulnerable to manipulation. Perhaps, this is where cybersecurity systems should focus on.
A critical component of the cyber defenses will, of course, be vulnerability assessment scans. ‘Lose sight, lose fight’ is a fighter pilot terminology which highlights the importance of keeping the target in focus. This is very much applicable in cybersecurity too. If vulnerabilities are not identified and monitored, it will be impossible to prevent any attempt to gain unauthorized access. As such, our experts at WebSecure are developing more effective strategies to incorporate these practices to our repertoire.
The possibility of AI-driven intrusions in network systems is very real. One would be foolhardy to not consider it given the technological advances made. A cent per cent safe system is a myth. That being said, it does not hurt to try and make critical networks as airtight as possible.