Consider the well-worn phrase, “You’ve got to take the good with the bad.” All true, but the real measure is ‘how good’ and ‘how bad?’
With artificial intelligence (AI), the fact is we don’t know yet. The promise is great, from machine learning and automation to using AI technologies for dynamic defense against cyber intruders. And that’s just a part of the greater ‘good.’
But with cybersecurity, the ‘bad’ may be worse than the ‘good’ by a lot -- assuming 100 information security pros Cylance surveyed at the recently concluded Black Hat conference are right. Criminals will use AI as a tool for “offensive purposes” in the next 12 months, according to 62 percent of the experts.
AI: Switching From Defense to Offense?
Keeping in mind that Cylance’s stock-in-trade is AI technology to prevent cyber attacks, “offensive purposes” is an interesting proposition: While AI could present infosecurity’s most fortified line of defense against cyber attacks, it simultaneously might offer hackers an avenue to more advanced blitzes. Again, it’s the ‘good with the bad.’
Still, as Cylance optimistically pointed out in a blog post: “Increasingly automated cyberattacks won’t slow the adoption of AI for defensive purposes." As cyber crooks and nation-states turn to AI to foment more attacks, “the need for smarter solutions that can help human security teams keep up will only become more apparent,” the Cylance team wrote.
In other words, forewarned is forearmed.
The survey also covered three additional issues: Ransomware and the dark web, top security concerns, and the most serious threats facing the U.S. In general, infosec pros are worried about a potentially volatile cocktail of advanced threats and negligence by their organizations.
Nation States or Cybercriminals: What's Worse?
Of note, it’s not clear to the experts whether nation-states or cybercriminals present the biggest threat to security, Cylance said.
Will dark web shutdowns curtail ransomware? Nearly 80 percent of Cylance’s respondents contend that taking down dark web markets such as the recent shuttering of AlphaBay and Hansa will have no impact on the rate of ransomware attacks.
OS patching/updating is a big worry: Survey participants continue to fret over OS patching and updating (39 percent) and compliance issues (24 percent), followed by ransomware (18 percent), triaging alerts (10 percent) and identity and DoS attacks (8 percent).
Phishing is the main concern of 36 percent of those surveyed, followed by attacks on critical infrastructure (33 percent). Other top concerns included Internet of Things (IoT) attacks (15 percent), ransomware attacks (14 percent) and botnet attacks (1 percent).
What's worse, Russia or non-state cybercriminals? Infosec pros were divided in their opinions about Russia or non-state cybercriminals posing the biggest risk to the U.S. While 34 percent of respondents named Russia as the biggest threat, 33 percent pointed to organized cybercrime, followed by threats from China (20 percent) and North Korea (11 percent). Of interest, only two percent of attendees named Iran as the U.S.’ main cyber foe.