Criminal Use Of Artificial Intelligence

Artificial Intelligence (AI) is being used by criminals to increase the power of their cyber attacks on commercial enterprise, but despite the increasing sophistication of criminal methods, there is a lot that organisations can also use it to protect themselves.

While the use of AI as a primary offensive tool in cyber attacks is not yet mainstream, its use and capabilities are growing and becoming more sophisticated. From targeted phishing campaigns to new methods of network penetration, there several ways that AI can be used by criminals to launch cyber attacks. 

Here are three of the ways that offensive AI is being used to deliver cyber security attacks:- 

Data poisoning: Data poisoning is designed to manipulate a training dataset to control the prediction behavior of a trained model to trick the model into performing incorrectly, such as labeling spam emails as safe content. There are 2 types of data poisoning: Attacks that target a network algorithm's availability and attacks that target its integrity. 

Generative Adversarial Networks: Generative Adversarial Networks (GANs) are basically two AI systems pitted against each other, one that simulates original content and one that spots its mistakes. By competing against each other, they jointly create content convincing enough to pass for the original. GANs also can be used for password cracking, evading malware detection, and fooling facial recognition. 

Manipulating Bots: If AI algorithms are making decisions, they can be manipulated to make the wrong decision and if hackers understand the models, they can abuse them. As automated decisionmaking grows more complex, the scope for forced errors increases.

Offensive-AI is an issue that all organisations must be prepared to deal with sooner rather than later. The time to review your approach and capabilities is now, before you are forced to do it retrospectively. A successful strategy needs to develop and deploy not only technical capabilities, but change cultural processes and governance to deal with the new approaches that AI will bring to an organisation.

Effective cyber security will always need human minds to build strong defenses and stop attacks. but security teams should make sure that they are putting AI technology to work in defence of their organisation. 

TechRepublic:       Computer Weekly:       ZDNet:     CDW Solutions:

You Might Also Read: 

AI Can Help Fight Coronavirus Cyber Crime:

 

« US Cyber Command Were Running An 'Election Special'
How to Transition From Remote Work To A Secure & Agile Workforce »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Security Compass

Security Compass

Security Compass, the Security by Design Company, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

National Cyber League (NCL)

National Cyber League (NCL)

The NCL provides a virtual training ground for participants to develop, practice, and validate their cybersecurity knowledge and skills.

Radiflow

Radiflow

Radiflow is a leading provider of cyber security solutions for critical infrastructure networks (i.e. SCADA), such as power utilities, oil & gas, water and others.

Sliced Tech

Sliced Tech

Sliced Tech provides enterprise grade managed Cloud services, including Security-as-a-Services, aimed at meeting the needs of commercial and government clients from within Australia.

PRODAFT

PRODAFT

PRODAFT, Proactive Defense Against Future Threats, is a cyber security and cyber intelligence company providing solutions to commercial customers and government institutions.

CS3STHLM

CS3STHLM

CS3STHLM is the Stockholm international summit on Cyber Security in SCADA and Industrial Control Systems.

DeepView

DeepView

DeepView delivers a unified platform for managing risk on digital platforms. One interactive secure portal allowing employees to engage their networks securely and compliantly.

Regulativ.ai

Regulativ.ai

Regulativ.ai is an innovative and comprehensive platform, driven by AI, to address the regulatory and compliance needs of Cyber Security Regulatory compliance and reporting.

Axellio

Axellio

Axellio provides economic, end-to-end cyber security solutions designed for your team, environment, and security objectives, providing packet level visibility across your network.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

StealthPath

StealthPath

StealthPath is focused on endpoint protection, securing the “implicit trust” vulnerabilities of current leading information security solutions.

TrustCloud

TrustCloud

TrustCloud is a global company specializing in the orchestration and custody of secure digital transactions including identification, signature, payments, and electronic custody.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

ZIUR Industrial Cybersecurity Center

ZIUR Industrial Cybersecurity Center

ZIUR is a public initiative to help industrial companies reinforce their protection and that of their products or services against cyberattacks.