By Sanjay Aurora, Managing Director, Asia Pacific, Darktrace
As the near-constant stream of high-profile attacks suggests, the cyber-threat landscape is rapidly evolving with no sign of slowing. Cyber-attackers are not only moving faster, they are adding new and innovative tools within their toolkits. And as the entire world turns online, we are moving towards a future where cyber-threats increasingly threaten the safety of not just our data, but of our physical infrastructure too.
Sifting through the recent data breaches, certain trends emerge for how attacks are set to evolve in the future. Most notably, we’ve entered a critical era where the use of offensive AI by sophisticated threat-actors is nearer than ever. Whilst Cyber AI has, for the past several years, transformed how security teams identify and fight back against threats, we soon expect to see AI on the other side – attackers adopting the technology for nefarious uses.
Indeed, even beyond cybersecurity, AI is lowering barriers to entry and empowering organizations around the world to deliver services at a previously inaccessible scale and speed. Unfortunately, this same power is proving attractive to cyber-attackers. At Darktrace, we have seen the early signs of threat-actors using AI – whether it’s to supercharge spoofing emails or to create advanced malware that adapts its behavior to blend into the background noise of the network.
Take, for example, the creation of spoof emails. By using AI, an attacker would be able to generate communication that, for the average person, is virtually indistinguishable from genuine correspondence. And by leveraging the speed and scale made possible with AI, it would only take 2 attackers to create code that could generate 2 million emails a day with an 85% success rate – ultimately, making attacks significantly more profitable.
Attacks on infrastructure
But AI attacks won’t just target emails and corporate networks. There is a more worrying type of attack on the horizon – the sabotage of critical infrastructure. Advanced threat-actors are turning away from just simple data theft and looking instead to cause mass disruption. And as cities and nations trend towards ‘smart city’ infrastructure, the attack surface has grown exponentially – meaning that the risk has never been higher. Attackers can use AI to bypass traditional security tools and slowly and subtly cause instrumental damage to the operations of the infrastructure – all whilst going undetected.
These attacks have the potential to compromise our most critical infrastructure by turning off the lights, disrupting transport systems, and ultimately threatening public safety. The past year has shown us that geopolitical tensions are beginning to be played out in cyberspace. Nation states will have to be on high alert to protect their energy grids, manufacturing plants, and airports from sophisticated cyber-threats.
In fact, just last week, during the fourth Singapore International Cyber Week (SICW), the Operational Technology (OT) Cybersecurity Masterplan was unveiled, to enhance the security and resilience of Singapore’s critical infrastructure. Coming from a world-leading country in innovation and technology, this move by Singapore demonstrates the significance of the risk of cyber-threat to national critical infrastructure – and will no doubt set the trend for other Asia Pacific countries to follow suit, making cyber defense for critical infrastructure a priority.
Autonomous Cyber AI
Ultimately, the future almost certainly holds the reality of AI-driven cyber-attacks, where malware will have the ability to self-propagate via a series of autonomous decisions and intelligently tailor itself to the parameters of the infected system in order to become stealthier and evade detection. Organizations need to be readying themselves for what is fast becoming a cyber arms race.
Our brave new world seems to be one where algorithms will fight algorithms on the battleground of corporate networks. And only those with the best AI will win. But the fact is, there is no silver bullet for cybersecurity. While many boards are waking up to the reality that cyber-attacks are imminent, action is needed to prevent attacks from doing harm once the threat is already inside. Organizations need to shift their focus from post-breach response to early detection and autonomous response, which will generate a far more positive outcome for their organization and their stakeholders.
Autonomous Cyber AI is revolutionizing cyber defense and may prove to be our best line of defense against future AI attacks. Acting as a cyber ‘immune system’ for the digital enterprise, this AI is capable of learning what is ‘normal’ and ‘abnormal’ for the digital business on an evolving basis, without relying on prior knowledge of threats. Stepping in as the machine defender, this technology can not only identify never-before-seen threats, but also autonomously respond to isolate the attack before it does damage.
Ultimately, digital transformation is happening at such a pace that AI, especially in the area of cybersecurity, is being recognized as a ‘must-have’ in enabling companies to stay ahead of unpredictable threats. And once attackers turn to AI to supercharge their methods, cyber AI will be our most fundamental ally.
Indeed, more than 3,000 organizations around the world have turned to cyber AI as their most crucial weapon in the fight against the threats that no one can predict – the threat that slips through perimeter defenses, or the threat that is already inside.
Humans alone cannot detect the subtle, unusual behaviors indicative of today’s stealthy attacker, or at least, not before it is too late – networks are simply too big and too complex. And in an age where we’ll soon see machines fighting machines, far outpacing human security teams’ ability to keep up, arming up with cyber AI will be crucial to staying one step ahead of an ever-evolving adversary.
CISO MAG does not evaluate the advertised product, service, or company, nor endorse any of the claims made by the advertisement. The facts, opinions, and language in the article do not reflect the views of CISO MAG and CISO MAG does not assume any responsibility or liability for the same.