The flip side of AI

Artificial intelligence (AI) has come a long way since its humble beginnings.  Once thought to be a technology that would struggle to find its place in the real world, it is now all around us.

It’s on our phones, our cars, and our homes. It can influence the ads we see, the purchases we make and the television we watch. It’s also fast becoming firmly embedded in our working lives – particularly in the world of cybersecurity.

The UAE and Saudi Arabia are both countries that are committed to the development and implementation of AI technologies. According to a report by PwC, the potential impact of AI for the Middle East’s economy is expected to be US$320 billion by 2030.

The UAE, in particular, is aiming to become a global leader in AI by 2031, with AI technology forecasted to contribute 14% to the national GDP in 2030. Additionally, in Saudi Arabia, AI is expected to contribute approximately 12.4% to the country’s GDP in 2030.

However, as with any advancement in technology, AI is not only used for good. Just as cybersecurity teams are utilising machine learning to ward off threats, so too are bad actors weaponising the technology to increase the speed, effectiveness and impact of those threats.

We now find ourselves in an arms race. One that we can only be won by embracing this rapidly evolving technology as part of a broad, deep defence.

Artificial intelligence – in defence

What started out with fairly simple yet effective use cases, such as the email spam filter, has now expanded across every function of the cybersecurity team.

Today, AI is a vital line of defence against a wide range of threats, including people-centric attacks such as phishing. Every phishing email leaves behind it a trail of data. This data can be collected and analysed by machine learning algorithms to calculate the risk of potentially harmful emails by checking for known malicious hallmarks.

The level of analysis can also extend to scanning attached files and URLs within the body of a message – and even, thanks to a type of machine learning known as computer vision, to detecting websites that impersonate the login pages of major phishing targets.

The same machine learning model can also be applied to other common threats such as malware – which grows and evolves over time and often does considerable damage before an organisation knows what it’s up against.

Cybersecurity defences that employ AI can combat such threats with greater speed, relying on data and learnings from previous, similar attacks to predict and prevent its spread.

As the technology continues to develop, so too will its prevalence within cybersecurity defence.

Artificial intelligence – in attack

Unfortunately, while AI is making great strides in defending against common threats, it’s making it far easier for cybercriminals to execute them too.

Take phishing: AI has the potential to supercharge this threat, increasing the ease, speed and surface of an attack. Even rudimentary machine learning algorithms can monitor correspondence and credentials within a compromised account. Before long, the AI could mimic the correspondence style of the victim to spread malicious emails far and wide, repeating the attack again and again.

When it comes to malware, AI can facilitate the delivery of highly-targeted, undetectable attacks.

AI’s speed will also likely prove to be a major boon for cybercriminals, as it is for those of us defending against it. Machine learning could be deployed to circumnavigate and break through cybersecurity defences faster than most prevention or detection tools could keep up.

And AI will not only exacerbate existing threats – it’s already creating new ones.  Sophisticated machine learning techniques can mimic and distort audio and video to facilitate cyberattacks. We have already seen this technology, known as DeepFakes, in the wild.

Winning the AI arms race

When you find yourself in an arms race, the only way to win is to stay ahead. For the cybersecurity industry, this is nothing new. While the tactics and technologies may have changed, the battle to stay in front has raged for decades.

In this latest standoff, to keep pace with AI-powered threats, we must embrace AI-powered defence. That being said, AI should not be considered the universal panacea.

There’s no doubt that machine learning technology is both sophisticated and incredibly powerful, but it is just one piece of the puzzle.

When it comes to successfully defending against modern cyber-attacks, there is no silver bullet – AI or otherwise. A strong defence must be deep, multifaceted and, despite the ‘rise of the machines’, people-centric.

Regardless of what is attacking them, it is still ultimately your people that are being attacked. That’s why – along with the latest tools and protections – your cyber defence must include regular and comprehensive employee education around attack methods, threat detection and threat prevention.

There is no doubt that artificial intelligence is now a hugely important line of cyber defence. But it cannot and should not replace all previous techniques. Instead, we must add it to an increasingly sophisticated toolkit, designed to protect against rapidly evolving threats.