In the tech world, an arms race usually a metaphor for two companies battling for supremacy, but McAfee thinks it might be a bit more literal for artificial intelligence as hackers upskill to make use of the breakthrough.
As one of its predictions for 2018, security software vendor McAfee believes that while securing the ever expanding virtual perimeters of an organization would be one of the more attractive usecases for AI, the converse is also true. Hackers will be able to make use of the much more powerful and speedy algorithms to probe an organizations perimeter, seeking out inadequacies much quicker than a human would be able to.
“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” said Steve Grobman, Chief Technology Officer for McAfee.
“We must recognise that although technologies such as machine learning, deep learning, and artificial intelligence will be cornerstones of tomorrow’s cyber defences, our adversaries are working just as furiously to implement and innovate around them. As is so often the case in cybersecurity, human intelligence amplified by technology will be the winning factor in the ‘arms race’ between attackers and defenders.”
Now we can already hear the mummers from pessimistic corners; a security company saying we need to spend more of security – what a surprise. But this is a warning which should be taken seriously. For every technology breakthrough which has been made for good intentions, there always have been nefarious individuals who will use it for ill gain. It will most likely be the same here.
As we become more mobile in our working lives, the complications of securing a network are compounded. Every time you access you emails outside of the office, you are effectively creating another gateway for hackers to attack. One way of combatting this might be to inform the security team about your movements, but who does that? The perimeter is expanding quicker than we can secure it.
If security team are to continue to be under-manned and under-funded, artificial intelligence can be a solution to make the perimeter more secure. It doesn’t need to sleep, it works much faster and much more efficiently than a human. This is an area where the promise of AI can be realized almost immediately; leave the monotonous, heavy lifting to the application, while the humans concentrate on more high-value tasks.
McAfee points out that ‘adversaries will certainly employ machine learning themselves to support their attacks, learning from defensive responses, seeking to disrupt detection models, and exploiting newly discovered vulnerabilities faster than defenders can patch them’. The battle could simply come down to who has the best algorithm. And some hackers are very smart individuals.
“To win this arms race, organisations must effectively augment machine judgment and the speed of orchestrated responses with human strategic intellect,” McAfee said. “Only then will organisations be able to understand and anticipate the patterns of how attacks might play out, even if they have never been seen before.”
While this does not seem like an answer at all, it is the only one. With the world of artificial intelligence, we are venturing into the unknown. Challenges are unknown and answers are unknown. Perhaps this escalates the need to integrate AI into the security proposition, so security experts can more proactively look to the unknown to identify solutions.
So while the AI arms race might seem like a bit of scare-mongering, it is a very real problem, which is completely logical.