Towards An ‘AI vs AI’ Future

As both sides of the cybersecurity fence develop better forms of machine learning and artificial intelligence for good and bad purposes, are we in for an AI vs AI future? Based on the responses we received, there are differing opinions on this.

Jeffrey Kok from CyberArk, for example, believes that “the type of AI used in cyber attacks are very superficial uses of AI, and nothing like what we see in Sci-Fi movies. As such, an AI vs AI future is still far in the future and is still in the Sci-Fi realm.”

Meanwhile, Orli Gan (Check Point) and Boris Cipot (Synopsys) are of the opinion that an AI vs AI future isn’t only possible, but we may very well are already in the world, albeit at its infancy. We’re now already seeing some early first encounters of this future and “the more companies rely on AI tools as the core part of the cyber defense, the more they open the door for these types of attacks,” said Orli Gan.

Orli Gan, Head of Products for Threat Detection, Check Point Software Technologies

“One should never trust his AI algorithms solely but rather use multiple lines of defense and detection engines to combat modern cyber attacks. AI cyber defense tools are far from being a silver bullet, and even as they improve, so do the cyber attack weapons. We use AI to offer scale and insights where needed, but always validate the verdict against multiple other techniques and engine so that we continue to have the upper hand.”

With cyber threats adapting and pivoting faster than ever, Ian Yip (McAfee) also suggests that organisations should never bet their future on a single product or technology to solve all their cybersecurity issues. “It’s important to think about security at scale, taking a risk-based approach, and look for trusted partners that have the ability to solve problems holistically, versus banking on one silver bullet,” he said.

When dealing with automated adversaries, Vicky Ray of Palo Alto Networks said that businesses would have to integrate capabilities across the whole environment from network to endpoint and cloud data, rather than siloed security tools.

He explained, “Having full visibility of the company’s environment - across the network, apps, endpoints, will be critical to navigating a complex threat landscape, especially when faced with these increasingly sophisticated and advanced attacks. Supported by rich data and analytics consolidated from across the organisation, attacks can be automatically detected with greater accuracy. This will enable enterprises to put more focus on prevention.”

Nevertheless, Vicky added, technology alone cannot be the primary defence against cyberattacks despite the common misconception that AI systems can be a substitute for human involvement. “No technology can replace the need for robust processes and regular training for all staff and cybersecurity teams. For a truly effective solution against future AI-driven attacks, AI must be woven into the fabric of security practices, alongside enhanced threat intelligence sharing and the continual advocacy of effective cyber hygiene practices to secure users, applications and data.”
 
In Conclusion
Based on all their valuable comments, we can safely say that the cybersecurity experts we contacted agree that like any emerging technology, machine learning and AI present opportunities for both cybercriminals and cybersecurity professionals.

While AI offers a way to level the playing field and even the odds for enterprises in the face of escalating cyber threats, AI can also potentially be leveraged as a powerful cyber attack tool – used to help threat actors to penetrate the corporate networks, infect a specific device, enhance social engineering techniques or exploit software flaws to position themselves for a successful attack.

“Now, imagine that there is a computer equipped with all of this knowledge, as well as knowledge of penetration techniques, behavioural analysis capabilities, and behavioural mimicking behaviour”, said Boris Cipot of Synopsys Software Integrity Group, adding that such a machine could theoretically carry out attacks quicker and more efficiently. 

“What is even more concerning is that it could potentially attack hundreds, or maybe even thousands, of targets at once. There’s no reason to believe that this concept isn’t scalable; meanwhile, humans are not in this way. The damage that this type of machine could achieve, with good AI, is unimaginable.”