AI Will Boost Cybercrime & Security Threats

Experts say action must be taken to control artificial intelligence tech. The proliferation of artificial intelligence technologies could enable new forms of cybercrime, political disruption and even physical attacks within five years, a group of 26 experts from around the world have warned. 

In a new report entitled 'Malicious Use of Artificial Intelligence'  a panel of academic, industry and the charitable sector experts describe AI as a “dual use technology” with potential military and civilian uses, akin to nuclear power, explosives and hacking tools.

“As AI capabilities become more powerful and widespread, we expect the growing use of AI systems to lead to the expansion of existing threats, the introduction of new threats and a change to the typical character of threats,” the report says. 

They argue that researchers need to consider potential misuse of AI far earlier in the course of their studies than they do at present, and work to create appropriate regulatory frameworks to prevent malicious uses of AI.

If the advice is not followed, the report warns, AI is likely to revolutionise the power of bad actors to threaten everyday life. 
In the digital sphere, they say, AI could be used to lower the barrier to entry for carrying out damaging hacking attacks. The technology could automate the discovery of critical software bugs or rapidly select potential victims for financial crime. 
It could even be used to abuse Facebook-style algorithmic profiling to create “social engineering” attacks designed to maximise the likelihood that a user will click on a malicious link or download an infected attachment.

The increasing influence of AI on the physical world means it is also vulnerable to AI misuse. The most widely discussed example involves weaponising “drone swarms”, fitting them with small explosives and self-driving technology and then setting them loose to carry out untraceable assassinations as so-called Slaughterbots. 

Political disruption is just as plausible, the report argues. Nation states may decide to use automated surveillance platforms to suppress dissent, as is already the case in China, particularly for the Uighur people in the nation’s northwest. 

Others may create “automated, hyper-personalised disinformation campaigns”, targeting every individual voter with a distinct set of lies designed to influence their behaviour. Or AI could simply run “denial-of-information attacks”, generating so many convincing fake news stories that legitimate information becomes almost impossible to discern from the noise. Seán Ó hÉigeartaigh of the University of Cambridge’s Centre for the Study of Existential Risk, one of the report’s authors, said: “We live in a world that could become fraught with day-to-day hazards from the misuse of AI and we need to take ownership of the problems, because the risks are real. There are choices that we need to make now, and our report is a call-to-action for governments, institutions and individuals across the globe.

“For many decades, hype has outstripped fact in terms of AI and machine learning. No longer. This report … suggests broad approaches that might help: for example, how to design software and hardware to make it less hackable – and what type of laws and international regulations might work in tandem with this.”

Not everyone is convinced that AI poses such a risk, however. Dmitri Alperovitch, the co-founder of information security firm CrowdStrike, said: “I am not of the view that the sky is going to come down and the earth open up. 

“There are going to be improvements on both sides; this is an ongoing arms race. AI is going to be extremely beneficial, and already is, to the field of cybersecurity. It’s also going to be beneficial to criminals. It remains to be seen which side is going to benefit from it more.

“My prediction is it’s going to be more beneficial to the defensive side, because where AI shines is in massive data collection, which applies more to the defence than offence.”

The report concedes that AI is the best defence against AI, but argues that “AI-based defence is not a panacea, especially when we look beyond the digital domain”.

“More work should also be done in understanding the right balance of openness in AI, developing improved technical measures for formally verifying the robustness of systems, and ensuring that policy frameworks developed in a less AI-infused world adapt to the new world we are creating,” the authors wrote.

Guardian

You Might Also Read: 

AI Will Underpin Cybersecurity:

AI Cyber Attacks Will Be Almost Impossible For Humans to Stop:
 

 

« Foreign Interference In US Elections 'Will be repeated'
UN Chief Urges Global Rules For Cyber Warfare »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Morphisec

Morphisec

Morphisec's world leading prevention-first software stops ransomware and other advanced attacks from endpoint to the cloud.

Authorize.Net

Authorize.Net

Authorize.Net is a Payment Gateway which provides the complex infrastructure and security necessary to ensure fast, reliable and secure transactions.

Luxembourg Institute of Science & Technology (LIST)

Luxembourg Institute of Science & Technology (LIST)

LIST is a mission-driven Research and Technology Organisation. Areas of research include IT and aspects of IT security.

SEC Consult

SEC Consult

SEC Consult is a leading European consultancy for application security services and information security.

Subgraph

Subgraph

Subgraph is an open source security company, committed to making secure and usable open source computing available to everyone.

Real Random

Real Random

Real Random is on a mission to enhance existing and new crypto-systems with its revolutionary solution to generating numbers that are Truly Random.

Cyber Base

Cyber Base

Cyber Base is an Information Technology company based in Uganda providing software and hardware solutions to clients.

TUV Rheinland Group

TUV Rheinland Group

TUV Rheinland Group is a testing services company with nearly 145 years of technological experience. We help you to protect your systems comprehensively, proactively and permanently.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Axiado

Axiado

Axiado Corporation is a security processor company redefining hardware root of trust with hardware-based security technologies, including per-system AI.

Womble Bond Dickinson

Womble Bond Dickinson

Womble Bond Dickinson is a transatlantic law firm, providing high-quality legal experience and outstanding personal service from key locations across the United Kingdom and United States.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

WireGuard

WireGuard

WireGuard is a communication protocol and free and open-source software that implements encrypted virtual private networks (VPNs).

Lintu Solutions

Lintu Solutions

Lintu Solutions is a trusted provider of comprehensive cybersecurity and enterprise risk management solutions.

Netia

Netia

Netia is a Polish telecommunications company providing a range of business services including network solutions, communications, data centre and cloud, and cybersecurity.