Britain Turns To AI To Counter Espionage

Uploaded on 2020-06-08 in TECHNOLOGY-Key Areas-Artificial Intelligence, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Developments

Spies will need to use Artificial Intelligence (AI) to counter a range of threats, an intelligence report for the British spy agency GCHQ says.  Adversaries are likely to use the technology for attacks in cyberspace and on the political system, and AI will be needed to detect and stop them.
 
The UK's intelligence and security agency GCHQ commissioned a study into the use of AI for national security purposesIt warns that while the emergence of AI creates new opportunities for boosting national security and keeping members of the public safe, it also presents potential new challenges, including the risk of the same technology being deployed by attackers.
 
Modern-day cyber security threats require a speed of response far greater than human decision-making allows. Given the rapid increase in the volume and frequency of malware attacks, AI cyber defence systems are increasingly being implemented to proactively detect and mitigate threats. Intelligence and espionage services need to embrace AI in order to protect national security as cyber criminals and hostile nation states increasingly look to use the technology to launch attacks.
 
The aim of this project is to establish an independent evidence base to inform future policy development regarding national security uses of AI. 
 
The requirement for AI is all the more pressing when considering the need to counter AI-enabled threats to UK national security. Malicious actors will undoubtedly seek to use AI to attack the UK, and it is likely that the most capable hostile state actors, which are not bound by an equivalent legal framework, are developing or have developed offensive AI-enabled capabilities. 
 
In time, other threat actors, including cyber-criminal groups, will also be able to take advantage of these same AI innovations and they will create: 
  • Threats to digital security include the use of polymorphic malware that frequently changes its identifiable characteristics to evade detection, or the automation of social engineering attacks to target individual victims. 
  • Threats to political security include the use of ‘deepfake’ technology to generate synthetic media and disinformation, with the objective of manipulating public opinion or interfering with electoral processes. 
  • Threats to physical security are a less immediate concern. However, increased adoption of Internet of Things (IoT) technology, autonomous vehicles, ‘smart cities’ and interconnected critical national infrastructure will create numerous vulnerabilities which could be exploited to cause damage or disruption. 
The research highlights several ways in which intelligence agencies could seek to deploy AI: 
  •  The automation of administrative organisational processes could offer significant efficiency savings, for instance to assist with routine data management tasks, or improve efficiency of compliance and oversight processes. 
  • For cybersecurity purposes, AI could proactively identify abnormal network traffic or malicious software and respond to anomalous behaviour in real time. 
  • For intelligence analysis, ‘Augmented Intelligence’ (AuI) systems could be used to support a range of human analysis processes, including:   
    • Natural language processing and audiovisual analysis, such as machine translation, speaker identification, object recognition and video summarisation.
    • Filtering and triage of material gathered through bulk collection. 
  • Behavioural analytics to derive insights at the individual subject level. 
None of the AI use cases identified in the research could replace human judgement and it is thought that systems that attempt to ‘predict’ human behaviour at the individual level are likely to be of limited value for threat assessment purposes. 
 
The use of AuI systems to collate information from multiple sources and highlight significant data items for human review is likely to improve the efficiency of analysis tasks focused on individual subjects. However, concerns over the ethical use of AI are highly subjective and context specific. Experts continue to disagree over fundamental questions such as the relative level of intrusion of machine analysis when compared with human review and despite a proliferation of ethical principles, there is a lack of clarity on how these should be operationalised in different sectors, who should be responsible for oversight and overall scrutiny. 
 
One of the most difficult legal and ethical questions for spy agencies, especially since the Edward Snowden revelation of mass domestic surveillance in the US, is that of justifying the collection of large amounts of data from ordinary people in order to sift it and analyse it to look for those who might be involved in terrorism or other criminal activity.
 
GCHQ:        BBC         RUSI:       ZDNet
 
You Might Also Read: 
 
From Ciphers To Cyber Security:
 
 
« Hackers Targeting Both Trump & Biden Presidential Campaigns
The History Of The Internet And Its Possible Future »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IOActive

IOActive

IOActive serves as a trusted security advisor to the Global 500 and other progressive enterprises, helping to safeguard their most important assets and improve their overall security posture.

Securi-Tay

Securi-Tay

Securi-Tay is an information Security conference held by the Ethical Hacking Society at Abertay University, Dundee.

Cyber Seguridad (Cyberseg)

Cyber Seguridad (Cyberseg)

Cyberseg provides specialized Cybersecurity services, including managed services (SOC / CERTs) and solutions for the protection of critical infrastructures.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

netfiles

netfiles

netfiles offers highly secure data rooms for sensitive business processes and secure data exchange.

KOVRR

KOVRR

Kovrr financially quantifies cyber risk on demand. Our technology enables decision makers to seamlessly drive actionable cyber risk management decisions.

White Bullet

White Bullet

White Bullet’s risk profiling AI detects, dynamically scores and flags unsafe domains, apps and advertising.

ECHO Project

ECHO Project

The main objective of ECHO is to strengthen the cyber defence of the European Union, enhancing Europe’s technological sovereignty through effective and efficient multi-sector collaboration.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

OX Security

OX Security

OX is a DevOps software supply chain security solution. Teams can verify the integrity and security of every artifact using a pipeline bill of materials (PBOM).

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Cyberverse Foundation

Cyberverse Foundation

Cyberverse Foundation is an organization dedicated to building a robust cybersecurity ecosystem in India.