Share
April 20, 2018 1:45 PM, EDT

The AI Wars Have Arrived

Hackers Are Now Attacking With Artificial Intelligence

Hackers are now arming themselves with artificial intelligence to relentlessly probe the defenses of companies’ computers so they can strike those networks at just the right time and just the right place, according to IT security pros. “Hackers are innovative,” says Stephen Gates, chief research intelligence analyst at Zenedge, an AI security provider. “They’re using automation, bots, artificial intelligence — and the only way to fight back is to pit robot against robot.”

We’ve essentially entered the age of AI wars. The thinking machines of the bad guys are now going up against the thinking machines of the good guys.

Dysart

And if it all sounds like a science fiction movie, that’s only because technology has progressed so rapidly, and computers have become so blindingly fast, that the distinction between sci-fi and reality has now permanently blurred.

“We’ve seen firsthand that threats and attack vectors are continually evolving,” said Dan Resnick, practice director for cybersecurity and risk management at KSM Consulting, which does IT security consulting for the trucking industry.

Adding to the growing metamorphosis of the IT security threat is the hard fact that today’s hacker using AI is likely to be part of a sophisticated crime organization that has decided to make hacking its business, rather than the proverbial teen hacker pulling cyber pranks in his mom’s basement. Indeed, according to a 2017 report from Malwarebytes, today’s hacker organizations are similar to the criminal gangs that dominated major cities such as New York in the 1930s. Increasingly, these organizations are using fear, intimidation, a feeling of helplessness — and now AI — to prey on businesses.

Probably the greatest threat this “dark AI” poses to truckers is that it is self-teaching. Every day dark AI is on your network, it gets smarter about your strengths and weaknesses. And every day, it is capable of inventing creative, new ways to bring your network down.

Dark AI can penetrate your computer systems through a back door and simply lurk in the background, probing all the nooks and crannies, taking notes of what you’re using to defend your system, and, most importantly, what you’re missing.

Sure, hackers have used similar lurking technologies in the past. But with dark AI, they now have their hands on the same thinking technology that has beaten the world’s best chess players, taken down the greatest Jeopardy champs and made mincemeat of Go’s top prodigies.

“We are increasingly detecting never-before-seen threats on organizations’ networks,” said Rob Sass, managing director for North America at Darktrace, an AI security firm.

Fortunately, there is a solution.

During the past few years, software programmers for the good guys have been furiously coding new AI security packages that can go up against anything the AI hackers can throw at you, byte for byte.

“We anticipate seeing artificial intelligence and machine learning applied to a number of tools and domains within cybersecurity,” said KSM Consulting’s Resnick. “Focus areas like antivirus systems, firewall rule management and identity governance are all candidates to see improvements from automated defense mechanisms.”

ArcBest Technologies, a subsidiary of less-than-truckload carrier ArcBest, also is looking into AI tools to enhance cyber defenses. “We plan to add artificial intelligence in areas where it will help us identify, protect, detect and respond to cyber­security events,” said Byron Paschal, associate director for information security at ArcBest Technologies.

“By employing technology that can detect threats as they emerge and autonomously take action against them in real time, organizations are gaining back the advantage over attackers,” added David Masson, Darktrace’s country manager for Canada.

Another plus: AI security for white hats is also tireless, in the sense that it can simultaneously monitor and neutralize more dark AI threats than humanly possible — threats that can be disposed of without incident while you sleep peacefully or close your next big deal.

“Human beings alone, no matter how skilled, don’t have the bandwidth to handle the hyper growth in the network attack surface and threat landscape,” said Hitesh Sheth, CEO of Vectra, an AI security solutions developer. “Artificial intelligence allows enterprises to augment their security teams to automate detection and response.”

Of course, like all new tech, white hat AI is no panacea.

The self-learning aspect of the technology is so advanced, for example, that even the programmers who create thinking AI often have no idea after a while what the AI knows, how it got from here to there, and what underlying logic it’s currently using to define and neutralize threats.

Another problem with white hat AI, according to early adopters, is that it can be overly cautious, generating lots of security warnings that later turn out to be groundless.

While imperfect, white hat AI still is the best we have right now to go up against the same AI technology hackers are using to be just as smart and just as creative.

“There is no doubt about AI being the future of security,” said Hal Lonas, chief technology officer at Webroot, an IT security firm. “AI is here to stay and it will have a large impact on security strategies moving forward.”

Indeed, according to a 2017 report from Webroot, 86% of security pros surveyed said they fear hackers are gearing up to use AI against them, while a full 88% also said they are using some kind of AI to defend against hackers.

Yet another reason to consider adding AI to your arsenal: Once hackers find a way to neutralize your defenses with their AI, they’re also free to use traditional methods to wreak havoc on your computer network and extort money from your company.

According to a 2018 IT security forecast from Sophos Labs, we all can expect another tough year ahead trying to thwart ransomware — the malware that infects your network, encrypts all your files and then demands a ransom to unencrypt them. Sophos also predicts a sharp uptick in the spread of malware on Android systems and Mac computers. And, of course, Windows operating systems will continue to be a favorite target of hackers again in 2018, according to the report — including novice hackers who can easily buy do-it-yourself exploit kits that make it easy to infiltrate known vulnerabilities in Microsoft Office.

“An always-on, prevention-first security approach is what all organizations across all industries need to keep up with the modern threat landscape,” said Rahul Kashyap, chief technology officer at Cylance, an AI security systems provider.

Bottom line: You may want to start kicking the tires on some AI security solutions before hackers using the same technology decide to have you for lunch.

Here are a few AI market leaders to start with:

• CylanceProtect, by Cylance: In a 2017 study by iT-Cube Systems AG, a Germany-based IT security firm, CylanceProtect neutralized malware better than all products tested. It also consumed the least amount of network resources while implementing those neutralizations.

• DarkTrace Enterprise, by DarkTrace: Created by a group of University of Cambridge mathematicians and some former British military staff, DarkTrace works by studying how your network works, then monitoring and neutralizing any anomalies. One of its newest tools is “Antigena,” which can be programmed to send security alerts to your IT staff or take action on perceived threats — including quarantining those threats — without human interaction.

• Cognito, by Vectra Networks: Cognito also learns how your network operates and then remains in “always on” mode to monitor for anomalies and neutralize threats. The product was recognized as a gold winner by the 2018 Cybersecurity Excellence Awards, which are sponsored by a coalition of security industry companies.

• Zenedge Cybersecurity Suite, by Zenedge: Recently purchased by Oracle, this AI suite now has a world-class corporation behind it, along with all the research dollars, iron-clad guarantees and reasonably reliable longevity that Oracle association affords.

Joe Dysart is an Internet speaker and business consultant based in Manhattan. Phone: (646) 233-4089. Email: joe@joedysart.com. Web: www.joedysart.com.