As artificial intelligence (AI) becomes science fact rather than science fiction, it has attracted a great deal of interest for its potential applications in business. However, just as there are many incredible positive opportunities for AI in virtually all facets of life, there can be no doubt that it can bring challenges too.
One of the major areas that AI could potentially start to create issues for businesses is for its applications for cybercriminals. There are already aspects of cybercrime that have been significantly impacted by the use of AI – and this only looks certain to get worse as the technology becomes more readily available.
In this article, we take a look at the impact of AI on cybersecurity in terms of how cybercriminals are using it to deploy new techniques and tactics. AI is something that needs to concern business owners and IT professionals for its potential to negatively affect company security.
Password cracking
One of the first ways that AI was weaponised by cybercriminals came in the form of password cracking. For years it has been common knowledge that everyone needs to create passwords that are difficult to guess. But, this has been taken to another level with modern suggestions for strong passwords recommending upwards of ten characters, no dictionary words, and a combination of lower and upper case letters, numbers and special characters.
Some of the strongest AI password cracking programs have shown the ability to guess upwards of 90% of passwords. While some crackers simply rely on brute force, and try as many combinations as possible, AI-driven password crackers are able to learn from previously leaked passwords as well as probability methods.
It is essential, then, for businesses to ensure that staff understand how to create passwords that cannot be easily cracked.
Polymorphic malware
Standard malware has a digital signature. This is what allows it to be identified by firewalls and blocked before it can enter the system. And, while firewalls are still effective in this capacity, they cannot defend against polymorphic malware. This form of malware ‘constantly changes its identifiable features in order to evade detection’.
AI-driven malware is able to understand and learn the elements of its own identifiable features that stop it from passing through firewalls – it can then change these so that it cannot be seen as a piece of malware.
This is why it is essential to invest in broader cybersecurity measures than just the traditional firewalls and antivirus solutions. It is no longer effective simply to be reactive – companies must look proactively for threats.
Deepfake technology
One worrying AI development that is going to be a big concern in terms of cybercrime is deepfake technology. One of the most common ways for cybercriminals to scam businesses is by making a member of staff believe that another member of staff wants a payment made to a new supplier, or perhaps wants their own paycheck paid into a different account.
In the past, this has been possible only through email. But with deepfake technology, it could be possible for cybercriminals to video call the company and pretend to be a member of staff.
“Most concerning to cybersecurity officials is deepfake technology,” says Laurens Cerulus at Politico “which uses reams of photos and videos to develop uncanny likenesses, or entirely new avatars. The technology has the power to generate pictures and videos that trick people into thinking they’re looking at the real thing”.
Advice to overcome AI cybercrime
It is important to remember that while AI-driven software can be a powerful tool for cybercriminals, it is always possible to put cybersecurity measures in place to protect your business. Understanding the best methods in staying secure is a vital part of your defences against cybercrime.
Some important tips and advice that can help you overcome AI-driven cybercrime include:
- Test your cybersecurity – feeling confident that your cybersecurity measures are powerful is good, but you need to ensure that this is genuinely the case. Investing in assessments such as penetration testing or simulated phishing can be extremely effective ways to do this.
- Limit what staff can access – staff should not be given full access to your IT system as “if every member of your firm has access to all of the personal details and other information stored, any breach of their credentials can give a cybercriminal access to everything they want”.
- Train your staff – it cannot be overstated just how important staff training is for cybersecurity. No matter how sophisticated your cybersecurity measures, there is almost no defence for staff being duped by phishing emails or falling victim to ransomware. Providing regularly updated staff training and awareness is essential.
AI is a force for good too
It should also be noted that AI is not only something that we should be concerned about in terms of cybersecurity. Just as criminals are finding nefarious uses for AI, cybersecurity professionals are increasingly using the technology within powerful cybersecurity tools and procedures.
“AI-driven security technologies have the potential to anticipate attacks and counter them in real-time,” says Matthew Bull of International Security Journal. “Given that cyberattacks of the future are expected to occur in microseconds, the ability to react at machine speeds is crucial. The role of humans in defending against attacks will shift, focusing instead on ensuring that enough intelligence is fed into security systems to make them successful.”
There can be no doubt that these sorts of advances are required. Modern IT systems and networks have become extremely complex. Monitoring them and keeping them as secure as possible can require levels of awareness and response that are above when humans can manage.
Just as cybercriminals have clearly embraced AI as a tool that can potentially benefit them, cybersecurity professionals must do the same.
AI has a huge range of potential applications across cybercrime but that should not leave businesses and IT teams disheartened. Yes, it is necessary to invest properly in cybersecurity – but doing so removes vulnerabilities from your system and ensures that your business is as protected as possible.