Soon, the Hackers Won’t Be Human

 But AI Can Boost Cyber Defenses, Too

 
It has been a challenging year for U.S. cyberdefense operations. A dramatic surge in ransomware attacks has targeted such critical national infrastructure as the Colonial Pipeline—which was shut down for six days in May, disrupting fuel supplies to 17 states—and halted the operation of thousands of American schools, businesses, and hospitals. The hacking of SolarWinds Orion software, which compromised the data of hundreds of major companies and government agencies and went undiscovered for at least eight months, demonstrated that even the best-resourced organizations remain vulnerable to malign actors.

While the motley crew of cybercriminals and state-sponsored hackers who constitute the offense has not yet widely adopted artificial intelligence techniques, many AI capabilities are accessible with few restrictions. If traditional cyberattacks begin to lose their effectiveness, the offense won’t hesitate to reach for AI-enabled ones to restore its advantage—evoking worst-case future scenarios in which AI-enabled agents move autonomously through networks, finding and exploiting vulnerabilities at unprecedented speed. Indeed, some of the most damaging global cyberattacks, such as the 2017 NotPetya attack, incorporated automated techniques, just not AI ones. These approaches rely on prescriptive, rules-based techniques, and lack the ability to adjust tactics on the fly, but can be considered the precursors of fully automated, “intelligent” agent–led attacks.

Yet it is not just cyberattackers who stand to benefit from AI. Machine learning and other AI techniques are beginning to bolster cyberdefense efforts as well, although not yet at the scale necessary to alter the advantage the offense presently enjoys. There is reason to hope that AI will become a game-changer for the defense. As offense and defense both race to leverage AI techniques, the question is which side will manage to benefit most.

Συνέχεια  εδώ

Πηγή: foreignaffairs.com