Criminal Use Of Artificial Intelligence

Uploaded on 2020-11-06 in TECHNOLOGY--Developments, TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, TECHNOLOGY--Hackers

Artificial Intelligence (AI) is being used by criminals to increase the power of their cyber attacks on commercial enterprise, but despite the increasing sophistication of criminal methods, there is a lot that organisations can also use it to protect themselves.

While the use of AI as a primary offensive tool in cyber attacks is not yet mainstream, its use and capabilities are growing and becoming more sophisticated. From targeted phishing campaigns to new methods of network penetration, there several ways that AI can be used by criminals to launch cyber attacks. 

Here are three of the ways that offensive AI is being used to deliver cyber security attacks:- 

Data poisoning: Data poisoning is designed to manipulate a training dataset to control the prediction behavior of a trained model to trick the model into performing incorrectly, such as labeling spam emails as safe content. There are 2 types of data poisoning: Attacks that target a network algorithm's availability and attacks that target its integrity. 

Generative Adversarial Networks: Generative Adversarial Networks (GANs) are basically two AI systems pitted against each other, one that simulates original content and one that spots its mistakes. By competing against each other, they jointly create content convincing enough to pass for the original. GANs also can be used for password cracking, evading malware detection, and fooling facial recognition. 

Manipulating Bots: If AI algorithms are making decisions, they can be manipulated to make the wrong decision and if hackers understand the models, they can abuse them. As automated decisionmaking grows more complex, the scope for forced errors increases.

Offensive-AI is an issue that all organisations must be prepared to deal with sooner rather than later. The time to review your approach and capabilities is now, before you are forced to do it retrospectively. A successful strategy needs to develop and deploy not only technical capabilities, but change cultural processes and governance to deal with the new approaches that AI will bring to an organisation.

Effective cyber security will always need human minds to build strong defenses and stop attacks. but security teams should make sure that they are putting AI technology to work in defence of their organisation. 

TechRepublic:       Computer Weekly:       ZDNet:     CDW Solutions:

You Might Also Read: 

AI Can Help Fight Coronavirus Cyber Crime:

 

« US Cyber Command Were Running An 'Election Special'
How to Transition From Remote Work To A Secure & Agile Workforce »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

SAMATE

SAMATE

The Software Assurance Metrics And Tool Evaluation project is an inter-agency project between the US Department of Homeland Security and NIST.

Code Dx

Code Dx

Code Dx is a software application vulnerability correlation and management system.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

infoBay

infoBay

InfoBay is an enterprise platform specifically designed to securely safeguard highly sensitive transmitted data.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Flipside

Flipside

Information Security training provider specialized in personalized training and security awareness campaigns.

S2S Group

S2S Group

S2S Group specialise in the destruction and management of IT assets at the end of the lifecycle.

Infosec Train

Infosec Train

Infosec Train provide professional training, certifications & professional services related to all spheres of Information Technology and Cyber Security.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Findcourses.com

Findcourses.com

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

SafePaas

SafePaas

SafePaas is a leading Enterprise Risk Management Platform. One source of truth for all your Audit, Risk, and Compliance requirements. Complete governance across your systems.