Artificial intelligence technologies are now being leveraged to execute intelligent cyberattacks. Hackers are combining open-source AI technologies with malware to create these AI-based attacks. This is a trend that is creating new types of advanced and sophisticated threats.
AI technologies are used to conceal the malware embedded in applications. Using AI, the malicious behavior of the code is not triggered until the application reaches a particular target.
Cybercriminals usually conceal the unwanted information through applying an AI model and then derives a private key to determine the time and place of unlocking the hidden malware.
Any type of app feature can be pre-defined as the AI trigger for unleashing an attack. For example, malware can be concealed to activate only after a voice recognition feature has been used. Any feature, including systems for authenticating users through visual recognition, geolocation, or the aspects implemented in a computer system to bolster identity management, can be used to trigger a hidden malware once they are used. This can cause a devastating attack, especially since cyber adversaries can use any of the indicators mentioned above to feed malicious AI models, derive a key, and then make a decision to attack at will. As such, malware can be present in a benign application for months or years as an attacker waits to launch where targeted systems will be more vulnerable and hence, susceptible to more damages.
AI Weaponization increases Sophistication
AI technologies can further be weaponized to increase the sophistication of cyber-attacks. AI-powered cyber-attacks can be very targeted to a specific system or individual and evasive such that the current security tools like firewalls or IDS are overwhelmed. This would give an attacker the upper hand causing massive damages. Moreover, AI technologies are capable of introducing an entirely new speed and scale of a cyber-attack. This can be possible since attacks can be equipped with autonomous and intelligent reasoning that can cause attacks to spread independently of any input or control from the attackers.
AI can Adapt to New Environments
Also, one unique factor about AI is its ability to adapt to a new environment or to use intelligence or knowledge acquired from past occurrences. The same can be applied in creating intelligent viruses and malware or modeling adaptable attacks. AI technologies are capable of learning and retaining what worked during an attack, as well as take stock of hindrances. Therefore, cyber-attacks based on AI can fail in a first attempt, but their ability to adapt can result in a successful attack on a second trial. Due to this, the security community and leading security firms need to gain an in-depth understanding of the basics behind the creation of AI-powered attacks and their subsequent capabilities so that they can develop adequate controls and mitigations.
Weaponizing cyber-attacks with AI can also create intelligent malware that can self-propagate in a network or computer system. The malware can exploit any vulnerability they come across, thus increasing the likelihood of fully compromising the targeted networks. The potential destructions associated with such malware is unfathomable. WannaCry, one of the most significant and most devastating ransomware attacks in history, exploited only one vulnerability, the EternalBlue exploit. Imagine the potential destruction had an AI-powered malware attack been executed. AI malware can use other forms of attacks in case a selected vulnerability has been patched.
AI Attacks can Learn
AI can also be weaponized to enable malware to mimic components of a trusted system, thus improving stealth attacks. For instance, rather than guessing the periods in which an organization conducts business operations, AI can be used to learn it automatically. It can also learn the environment used in computations, i.e., Windows or Linux environment, the most used communication protocols, updates to security apparatus, and so on. This can enable an attacker to execute attacks that thoroughly blend in with the security environments such that it is difficult to detect the attack. Therefore, AI can power stealth attacks capable of compromising targets without detection.
AI weaponization is on the rise and cyber-attacks will only become autonomous, stealth, increase in speed and sophistication, and be able to exploit several vulnerabilities all at once. Extrapolation of attacks powered by AI reveals that malwares possess sophisticated characteristics but with a narrow input or understanding on AI. A combination of the characteristics will lead to a shift in the current cybersecurity paradigm. Organizations have to step-up their ability to counter emerging AI cyber threats. A preventive strategy is currently the best cybersecurity approach, but with advanced AI attacks, security will have to consider implementing AI-enabled0 defensive tactics.
I am a cyber security professional with a passion for delivering proactive strategies for day to day operational challenges. I am excited to be working with leading cyber security teams and professionals on projects that involve machine learning & AI solutions to solve the cyberspace menace and cut through inefficiency that plague today’s business environments.