AI and Cybersecurity: The Battle Between Good and Evil

From Siri and Watson to self-driving cars – artificial intelligence (AI) is becoming part of our everyday life. Machine learning, one type of AI, allows the automation of processes and human-like decision making. The substitute of human effort for AI has certainly found its place in cybersecurity.

The Good

AI is being applied in one of two ways. The first is by applying machine learning as helper apps. For example, AI software can work behind a cybersecurity product and help reduce noise from alerts. Other AI solutions work on a stand-alone basis but with integration to other technologies.

AI technology can become vital in the detecting and response stage of an attack. According to a global security study, the average time it took a company to spot and respond to an attack was 39 days. But some companies were able to detect and respond within hours. What was the difference? Automation from AI and machine learning.

The ability for AI to process a large amount of data quickly lets it be the ideal combater to endpoint attacks.  For example, Cybereason has the ability to use AI hunting to complete queries at a rate of 8 million questions per second.  Rather than focusing on one specific suspicious event, it will hunt for the full attack picture.  No longer is a reactive signature based approach used.  Instead, simulations can be done on known malware, effectively predicting malware before it has been created.  Since malware is derived from the existing code and then tweaked to avoid signature-based solutions, analysis of collected signatures can determine if it is good or bad.

The Bad

Unfortunately, cybercriminals can also are using artificial intelligence to their advantage. The autonomous benefits that AI has for corporations apply to hackers, too. A prediction by McAfee Labs said criminals would use machine learning to analyze a large number of stolen records.   This would then allow the creation of contextually detailed emails that would target the victims.  An experiment pinned AI versus a human to see who could get more clicks on malicious links on Twitter.  The AI sent spear-phishing tweets to over 800 users at a rate of 6.75 tweets per minute resulting in 275 victims.  The human was only able to send out 129 attempts at 1.075 tweets per minute resulting in 49 victims.

The battle between good and bad will only continue as technologies like AI break into the cybersecurity scene. Luckily, for now, good is outsmarting bad. There are many tools utilizing endpoint technology currently on the market. Let Brite help you select the right AI security tools for your organization.