Artificial intelligence is the beginning of a revolution, but in one way it is just like every other revolution: It can be abused. Whether or not you already use any AI, you need to understand two things; that AI is cranking up the severity of security threats, but it can also offer improved security.
AI systems are fast and dynamic, meaning they learn from experience instead of relying on pre-programmed assumptions. AI-powered malware doesn’t require the hacker to know anything about you in advance. However, an AI-powered defence system needn’t depend on fixed definitions of who to trust and who not, or how they gain access. It can learn to recognise suspicious activity.
AI will power more advanced intrusion attempts into systems that are themselves more powerful. End users need to understand that the sophistication of AI-powered tools does not mean they are secure. For example, facial recognition systems powered by AI can potentially be spoofed by another AI, providing building access to criminals, or framing innocent people with forged video footage.
A report from Forrester “Using AI for Evil” says “mainstream AI-powered hacking is just a matter of time” and Ciaran Martin, of the National Cyber Security Centre, said it’s a matter of “when not if” [there will be a major attack on the UK].
Using “bot manipulation”, malware can use AI to adapt its appearance so that antivirus software doesn’t recognise it. It can also use AI to sample normal network activity and use it as camouflage, known as “generative networks”. When the target is itself an AI system, a malicious actor can feed “poisoned” data to the engine in order to bypass filters or simply cause damage. AI can also learn to impersonate a legitimate person or company in order to launch a social engineering attack.
The ability of AI to react quickly and adjust its responses as situations evolve also makes it ideal for defenders. An AI security system gives defenders the edge by providing early warnings and rapid incident response, so attack vectors can be closed down before any real harm can be done. Darktrace is one such tool.
Behaviour analytics is another important defence tool. Detecting unusual activity allows the AI to close access to key resources while a deeper examination is undertaken, for example, using Varonis. Mastercard’s director of cyber and intelligence solutions in South Africa, says AI is saving $20 billion per annum by detecting fraud in this way. Embedded malware code can be detected using a similar method.
AI-powered solutions also help by improving activity logging; centralising it in a single place and providing tools to zoom in on significant trails. The logs collected by Azure and other Cloud platforms provide a good basis for an effective SIEM system. These tools also enable you to create and evaluate your alert response workflows.
Once in the Cloud you have access to specialist security products and expertise that few enterprises can deliver in-house. Specialist companies constantly monitor the global situation to stay aware of threats emerging in particular sectors or locations. An ideal SIEM integrates this digital intelligence with your standard procedures such as logs, asset inventory, AI pattern detection and automated incident responses, and makes it easy to demonstrate your statutory compliance.
Unfortunately, we can’t wait for someone else to solve our cybercrime problems. The very people we should be able to trust to protect us, the NSA and GCHQ, created the EternalBlue tool used in recent ransomware attacks such as WannaCry, NotPetya and BadRabbit. They also left exploitable flaws in Windows and implanted backdoors into server and router firmware. Although this is similar to the warnings against Huawei, the NSA have placed similar backdoor access into products from Cisco, Juniper and Fortinet.
The problem with creating these weapons is that everyone else soon uses them; innocent companies are the victims. According to Wikileaks on 7th March, the CIA regularly listens in on Samsung televisions and iPhones and can take control of numerous IoT devices and car computers. When they do it, others will soon follow.
For businesses the goal is clear, keep spyware and vulnerabilities out of your software and hardware. That means taking a keen interest in where your IT products come from and investing in good security. There are limits to what is practical, but an integrated security system powered by AI is the best possible solution
Everyone has heard of artificial intelligence and smart connected devices; they might be fun one day, along with Robocop and jetpacks. However, most people don’t realise they are already here in a big way, in fact they probably use them every day.
Of course, most of us have already encountered Alexa: kids love it and kids are never wrong, but as yet many owners have used it for little other than turning on the lights or doing a hands-free internet search. It’s still not quite as impressive as HAL from the movie 2001, even though it is almost 2021, but there is a lot more to AI and IoT than one might think. According to networking giant Cisco, the number of ‘things’ connecting to the internet overtook the number of people way back in 2008.
A mobile phone is the one connected device almost everyone carries around with them, but we still tend think of them as “phones” rather than smart connected devices or artificial intelligence. In fact, most of them are both.
Many people will be surprised to know that more cars were added to mobile networks in 2016 than telephone handsets. Smart devices are not a novelty, they are already the norm, we have just not noticed.
Consider a stroll down your High Street. The many street cameras and other detectors you pass are probably feeding traffic information into an AI-powered management system. In some towns, they are managing the parking facilities, street lighting and bin collections. Almost every shop you pass has connected devices such as payment terminals, alarm systems, IP phones and CCTV. Some of these are some linked to a facial recognition AI.
Larger businesses along with clinics, hospitals and banks depend on an AI to protect them from network intrusions. Many takeaways will be connected to smart-ordering networks and delivery tracking systems. Uber cars and haulage vehicles rely on a logistics AI and the day is fast coming when AI will be driving them too.
Let’s return to your smart phone. Your mobile carrier’s network depends on artificial intelligence to route tracking signals, calls, Wi-Fi connections and SMS messages. Your camera relies on AI to focus, detect edges and adjust the contrast. Many of the apps you use connect with AI to provide other services, for example to monitor your fitness or detect the presence of COVID-19 infections.
If you need help with any of these apps, your enquiry will probably be answered by an AI bot. When you connect to the Internet, AI chooses the ads you see, the search results you get, the movies shown on Netflix and the music promoted on Spotify. If you upload a photo to Twitter or Facebook, facial recognition AI will probably analyse it to see who else is in the picture.
Figures from 2017, compiled by Gartner, showed 8.4 billion devices connecting over the IoT. That’s more than all the people in the world. This number is now around 20 billion as they are being deployed so quickly.
22% of IoT devices are inside factories; automating production lines, training robots, regulating conveying systems and ensuring quality control. Another 15% are specifically involved with energy efficiency management. Retailers currently account for just 12% of devices, for processes such as inventory tracking, footfall counters and security networks, while city management systems, such as traffic control, public transport and policing also use about 12%.
When device suppliers explain the potential benefits of the IoT they often use examples from our homes; central heating that knows how warm you like it, or ovens that switch on when you are on your way home. It is therefore surprising that building management still only accounts for about 3% of smart devices. There is still an enormous potential for growth in this area as well as for wearable devices, in wristbands, spectacles, headbands and integrated into our clothing. The recent craze for ‘Pokemon Go’ demonstrated the enormous popularity and potential of augmented reality.
The smartphone isn’t just a connected device, it is the device most of us depend on to monitor smart devices elsewhere. 5G networks will soon lead to an explosion in consumer-friendly utilities based on AI and the IoT, so phone manufacturers are now beginning to use chips optimised for AI (“neural engines”). The only limit is our imagination.