WHY THIS MATTERS IN BRIEF
Powered and fuelled by AI cyber attacks are about to go full auto and noone is prepared for what’s coming.
Every second of every day cyber security experts around the world are engaged in a virtual war with criminals, hackers and wayward foreign governments, and the war is becoming more prominent and intense, so much so that the US now has a Cyber DEFCON scale. That said though, and something I’ve been saying for years, it is now becoming increasingly clear that we are at the start of a new cyber revolution, and it’s been years in the making.
Two years ago DARPA ran a Capture the flag competition pitting defensive and offensive AI “Robo-hackers” against each other, and eighteen months on the results were so impressive that the Pentagon announced they’d taken the winner, ironically a platform called “Mayhem,” and were using it to defend their “critical assets.”
Now, mere months later this same AI fuelled technology, that was once confined to the labs and special agencies is slowly getting into the wild, and a recent cyber attack in India had all the hallmarks of something that security experts have been dreading for years – an AI powered cyberattack that used AI driven offenses to counter AI driven defences.
In the cyberattack in question, which many experts think is the first of its kind, but that’s likely to be just the first one we’ve officially identified and categorised as an AI powered attack the malware in question learnt as it spread, altering its methods to stay in the target system for as long as possible in order to avoid detection.
“Those were the ‘early indicators’ of an AI powered attack,” said Ms. Eagan, a Director at Darktrace, a bleeding edge cyber security firm based out of Cambridge in the UK.
Essentially, the malware managed to figure out its surroundings and rapidly mimic the behaviours of, interestingly, the network, the system it was in and also the system’s users. However, in this specific case, while it was an unprecedented form of cyberattack, which, according to Symantec has now been used to attack banks in over 30 countries, it stopped short of being a “fully fledged” AI driven piece of software.
That’s just one of the worrying things about this attack, because now that we have AI programs, such as Google’s AutoML that can design better AI’s than humans, and hundreds of thousands of times faster than humans, these attacks aren’t just going to accelerate, they’re going to accelerate and proliferate exponentially, and if your organisation isn’t prepared for this new style of onslaught then frankly, you’re going to get slammed, and it could get very ugly very fast.
“What was concerning was that this attack, once it got into the network, used AI techniques, like trying to learn the behaviours of employees on the network, to remain undetected for as long as possible,” said Ms. Eagan, a Director at Darktrace.
However, that’s not all, in another worrying trend, experts are increasingly discovering that cyber criminals are trying out their new tools and methods on developing countries, outside of the West, such as Africa, India and South Korea and that these countries, like the Ukraine are “becoming the hackers new test beds.”
That said though there may be a faint glimmer of hope for organisations hoping to limit the impact of what will inevitably become one of the most devastating types of cyberattacks in the form of new adaptations of TOR, the favourite tool of the Dark Web, that will help you obfuscate your connected devices and end points, hackproof code, self-destructing algorithms, also known as “One Time Programs,” and new, emerging quantum communications, encryption and information platforms. Sleep tight CISO’s because tomorrow you’re going to need to bring your game face. Again.