Criminal Use Of Artificial Intelligence

Artificial Intelligence (AI) is being used by criminals to increase the power of their cyber attacks on commercial enterprise, but despite the increasing sophistication of criminal methods, there is a lot that organisations can also use it to protect themselves.

While the use of AI as a primary offensive tool in cyber attacks is not yet mainstream, its use and capabilities are growing and becoming more sophisticated. From targeted phishing campaigns to new methods of network penetration, there several ways that AI can be used by criminals to launch cyber attacks. 

Here are three of the ways that offensive AI is being used to deliver cyber security attacks:- 

Data poisoning: Data poisoning is designed to manipulate a training dataset to control the prediction behavior of a trained model to trick the model into performing incorrectly, such as labeling spam emails as safe content. There are 2 types of data poisoning: Attacks that target a network algorithm's availability and attacks that target its integrity. 

Generative Adversarial Networks: Generative Adversarial Networks (GANs) are basically two AI systems pitted against each other, one that simulates original content and one that spots its mistakes. By competing against each other, they jointly create content convincing enough to pass for the original. GANs also can be used for password cracking, evading malware detection, and fooling facial recognition. 

Manipulating Bots: If AI algorithms are making decisions, they can be manipulated to make the wrong decision and if hackers understand the models, they can abuse them. As automated decisionmaking grows more complex, the scope for forced errors increases.

Offensive-AI is an issue that all organisations must be prepared to deal with sooner rather than later. The time to review your approach and capabilities is now, before you are forced to do it retrospectively. A successful strategy needs to develop and deploy not only technical capabilities, but change cultural processes and governance to deal with the new approaches that AI will bring to an organisation.

Effective cyber security will always need human minds to build strong defenses and stop attacks. but security teams should make sure that they are putting AI technology to work in defence of their organisation. 

TechRepublic:       Computer Weekly:       ZDNet:     CDW Solutions:

You Might Also Read: 

AI Can Help Fight Coronavirus Cyber Crime:

 

« US Cyber Command Were Running An 'Election Special'
How to Transition From Remote Work To A Secure & Agile Workforce »

Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

National Association of State Chief Information Officers (NASCIO)

National Association of State Chief Information Officers (NASCIO)

NASCIO's Cybersecurity Committee focuses helps state CIOs to formulate high-level security and data protection policies and technical controls.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

SafeLogic

SafeLogic

SafeLogic provides strong encryption products for solutions in mobile, server, Cloud, appliance, wearable, and IoT environments that are pursuing compliance to strict regulatory requirements.

ISDefence

ISDefence

ISDefence is a cyber resilience consulting company - Detect/Deter, Protect, Respond, Recover.

Careerjet

Careerjet

Careerjet is a leading online job search engine with a large presence worldwide, sourcing millions of job ads from thousands of websites from all over the world in areas including Cybersecurity.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Center for Education & Research in Information Assurance & Security (CERIAS)

Center for Education & Research in Information Assurance & Security (CERIAS)

CERIAS is one of the world’s leading centers for research and education in areas of information and cyber security.

Valid Network

Valid Network

Valid Network DSP is blending traditional cyber security methodologies with blockchain transactions to achieve trust, internal and federated between organizations and stake holders.