The future of cybersecurity will be about ‘fighting fire with fire’
In many ways, cybersecurity has always been a contest; vendors race to develop security products that can identify and mitigate any threats, while cybercriminals aim to develop malware and exploits capable of bypassing protections.
With the emergence of artificial intelligence (AI), however, this combative exchange between attackers and defenders is about to become more complex and increasingly ferocious.
According to Max Heinemeyer, Director of Threat Hunting at AI security firm Darktrace, it is only a matter of time before AI is co-opted by malicious actors to automate attacks and expedite the discovery of vulnerabilities.
- Here’s our list of the best endpoint protection services available
- Check out our list of the best identity management services right now
- We’ve built a list of the best patch management solutions out there
“We don’t know precisely when offensive AI will begin to emerge, but it could already be happening behind closed doors,” he told TechRadar Pro.
“If we are able to [build complex AI products] here in our labs with a few researchers, imagine what nation states that invest heavily in cyberwar could be capable of.”
When this trend starts to play out, as seems inevitable, Heinemeyer says cybersecurity will become a “battle of the algorithms”, with AI pitted against AI.
However, the consensus in recent years has been that intelligence-based services are ill-equipped to handle the pace of the modern threat landscape. In other words, as new threat types and attack vectors emerge, these legacy tools are powerless until updated with new intelligence, by which time it is too late.
This problem will only be aggravated by the emergence of offensive AI, which will allow cybercriminals to automate attacks in a way never before seen, as well as to identify potential exploits at a faster rate.
An example of a contemporary malware campaign capable of eluding signature-based security solutions is Emotet, a loader botnet that was recently taken down in a sting operation that spanned multiple international intelligence agencies.
“Emotet is really interesting because it was so resilient and its structure extremely modular. It used different levels of backups and command and control servers, some of which were even peer-to-peer,” Heinemeyer explained.
Source: Tech Radar