UPDATED 11:57 EST / JUNE 21 2019

SECURITY

Report sees peril in cybercriminals’ looming use of AI

A new report this week by anti-malware vendor Malwarebytes Inc. paints an ominous picture of the potential impact of artificial intelligence technologies such as machine learning and deep learning once criminals have the skills and incentive to use them.

That hasn’t happened yet, but the report’s authors suggest it could be as little as a year or two before AI-powered malware makes its way into the wild.

“Almost by definition, cybercriminals are opportunistic,” the report noted. “You only need one smart cybercriminal to develop malicious AI in an attack for this method to catch on.”

Malwarebytes Lab Director Adam Kujawa drew an analogy to ransomware, which was detected as early as 2010 but was considered only a screen-locking nuisance until 2013, when Cryptolocker debuted with the ability to encrypt files. “Suddenly we saw a lot of variants emerging,” Kujawa said. “For the most part we don’t see a move by criminals en masse until one version completely destroys its target.”

In the short term, the advantage is to the good guys, who are using AI to supplement human labor. In the field of malware, for example, machine learning can be used to create “smart detections that can capture future versions of the same malware, or other variants in the same malware family,” the report’s authors note.

That’s a help to researchers who spend much of their time hunting for variations of known malware strains. “AI takes care of a lot of the grunt work,” Kujawa said. The company’s own anomaly detection engine caught about 5% of malware cases in the first five months of this year, he claimed.

AI’s no panacea

However, the report casts cold water on the idea that AI will be salvation for the cybersecurity problem. For example, a weakness of machine learning models is that they require constant supervision to avoid becoming corrupted, which is something bad actors will seek to do. “The use of AI and ML in detections requires constant fine-tuning,” the report says. AI also has yet to invent new solutions to security problems; Its principal value has been in doing what humans do faster.

Among the more nefarious uses of AI on the horizon are worms that learn how to avoid detection or change behavior on the fly to foil pattern-matching algorithms. “An active worm with lateral movement can roam the networks of this planet for years,” the report says.

Another risk is intelligent malware that can wait until a set of conditions is met to deploy its payload. And once attackers breach a network, they can use AI to generate activity patterns that confuse intrusion detection systems or overwhelm them with false alerts.

Kujawa highlighted phishing messages as a particular concern. The highly targeted form of that exploit called “spear phishing” currently requires considerable human effort to create messages that appear to come from known senders. Future algorithms will scrape information from social media accounts and other public sources to create spear phishing messages at scale.

Countering these threats will require coordinated efforts by government, technology vendors and their customers, the report says. One of the tricks will be to invent preventive technology that doesn’t inadvertently open up new attack vectors.

But time is running out. “For the moment, we haven’t seen a fully-automated security strategy that would be able to overpower AI-driven malware,” the authors write.

And any solution that works isn’t likely to be entirely automated. “Human-powered intelligence paired with AI and other technologies will still win out over systems or attacks that rely on AI alone,” the report concludes. “If we’re not proactive, we may be left in the dust.”

Image: Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU