Infosec Pros: AI Could Soon Be Used Against Us

Infosec Pros: AI Could Soon Be Used Against Us

A majority of information security professionals believe that artificial intelligence (AI) technology will be used in attacks against them in the next 12 months, according to new research from Cylance.

The security vendor polled Black Hat USA attendees last week to gauge their thoughts on the rapidly emerging technology.

It revealed that 62% of them believe there’s a high possibility that AI will soon be used offensively by hackers.

However, this will only accelerate the use of the same tech for defensive purposes as organizations look for smarter ways and more efficient ways to stop increasingly automated attacks, claimed Cylance.

The vendor provides AI-based advanced threat protection rather than more traditional detect and respond approaches, claiming it enables customers to switch on “pre-execution attack prevention”.

Attendees also claimed that Russian state-sponsored hackers are the biggest threat to US organizations at present (34%), although financially motivated, organized cybercrime came a close second (33%), with the Chinese state coming some way behind in third (20%).

That’s quite a turnaround from a few years ago when China was public enemy number one after five PLA soldiers were indicted by the US for commercial cyber-espionage against American companies.

In reality, the distinction between Russian state hackers and organized crime may be a tricky one to make, as it’s likely that the Kremlin leverages the grey area between the two to commission hackers at arm’s length, thereby ensuring it can maintain plausible deniability in the event an attack is detected.

Cylance also found that Black Hat attendees' biggest internal cybersecurity issue of late has been patching and updating security and operating systems (40%), followed by compliance issues (24%).

The results confirm just how big a role the more mundane operational aspects of cybersecurity play in the day-to-day running of an IT department. Recent global events such as WannaCry will have made such tasks even more urgent.

Source: Information Security Magazine