澳门六合彩

What do cybersecurity and artificial intelligence (AI) have to do with each other? More than you may think.听

Due to advances in both hardware and software, cybersecurity and AI have become and will continue to be increasingly interconnected. This convergence raises significant security concerns. How should policymakers think about the threats and capabilities posed by the increasing overlap between cybersecurity and AI?

The intersection between AI and cybersecurity falls into three broad buckets, or categories of concern:

1. Cybersecurity concerns with AI systems, i.e. hacking AI;听
2. Cyber operations carried out in support of AI development and deployment; and听
3. The impact of AI on cybersecurity dynamics, both offensive and defensive.

1. Cybersecurity Concerns with AI Systems听

Cyber operations, whether espionage or an attack, instruct computer systems or machines to operate in ways they were not intended. For example, in 2007, the Idaho National Lab carried out a in which 30 lines of code damaged an electric generator beyond repair.听

Bad actors can use the same tactics with AI systems: find weaknesses in models and exploit them or as former Wilson Center Global Fellow Ben Buchanan highlights in , compromise 鈥渢he data upon which they depend.鈥� Two methods for data poisoning could include modifying 鈥渋nput data while in transit or while stored on servers鈥� or changing 鈥� what data the system sees during training and therefore change how it behaves.鈥澨�

Examples of , such as a vacuum cleaner that ejects collected dust back onto a space it just cleaned so it can collect even more dust and a racing boat in a digital game looping in place to collect points instead of pursuing the main objective of winning the race. While these examples may seem trivial, these same techniques can be used to far more serious effect. Remember, AI systems have been deployed in support of a diversity of functions including aircraft collision avoidance systems, healthcare, loans and credit scores, and facial recognition technologies.听

2. Cyber Operations in Support of AI Development and Deployment

In addition to concerns stemming from hacking AI systems themselves, data gathered from cyber operations can potentially be funneled into a country鈥檚 domestic AI efforts. This outcome is particularly concerning when the national AI program in question is that of a geostrategic rival and peer competitor.听

Why does data matter? AI is underpinned by three mutually reinforcing pillars: data, algorithms, and computational power. Data plays a vital role in the training, validating, and testing of AI systems. As a result, and as Kiersten Todt (former executive director of the Obama administration's bipartisan commission on cybersecurity) has , 鈥渄iversity of data, quality of data aggregation, [and] accumulation of data鈥� will be critical to the success of China鈥檚 AI ambitions. Notably, while China has access to an abundance of domestic data, algorithms tailored for use-cases within China and based on local data may well have limited broader global utility.听

This is where cyber operations enter the conversation. Cyber espionage operations are uniquely suited for . Take, for example, the recent , the latest in a long list of Chinese-sponsored hacks. It keenly demonstrated the scale and scope of access afforded to cyber espionage operations with somewhere between 30,000 and 60,000 organizations compromised. This operation is notable for another reason as well, however. Earlier this year, first reported that part of the motivation behind this hack may have been to collect data to power the growth and capabilities of China鈥檚 AI systems.听

3. The Impact of AI on Cybersecurity Dynamics

The intersection between cybersecurity and AI does not end with the implications of offensive cyber operations for AI. AI also has significant implications for cybersecurity, both as an offensive and defensive endeavour.听

Using AI to improve cybersecurity is a double-edged sword: aiding defenders of and malicious actors seeking to compromise systems alike. Hackers want to find and use vulnerabilities in software to compromise victims鈥� systems and defenders want to find the same vulnerabilities to protect their users. AI can assist in both of those lines of effort.听

Defense

and much of our current defensive landscape is reactive in nature. The cybersecurity best practices of threat-hunting, for example, are time-intensive, leverage signatures or indicators of compromise, and rely heavily on human intervention. At the same time, IT systems are now geographically farther apart due to cost savings provided by cloud-computing efficiencies and the techniques, tactics, and procedures (TTPs) used by attackers constantly evolve and are harder to detect due, in part, to that very evolution.听

Given this landscape, AI can enable better cyber defenses. How? While the cybersecurity industry has used automation for some time, new Machine Learning systems鈥攁 subset of AI鈥攃an learn and improve on the job. Some systems are able to help identify hackers inside networks earlier based on suspicious behaviors, reducing the 鈥渄well鈥� time on a network (which could be especially helpful tackling the scale of today鈥檚 ransomware problem). Other AI models can be tailored to identify potential vulnerabilities and patch at a larger scale than humans ever could. Companies such as and promote such skills and suggest they will be critical for achieving the concept of 鈥渮ero trust鈥� across an Internet built to be open and accessible.听

Offense

AI can also enable better offensive cyber operations, including (as previously discussed) hacking AI itself. Just as AI can help network defenders identify and patch vulnerabilities at a faster rate and at a larger scale, the same models can be deployed by adversaries to identify the most valuable 鈥渮ero days鈥濃�攐r previously unknown software vulnerabilities. But the potential benefits to the attacker extend far beyond identifying vulnerabilities to be exploited. Greater automation can occur across an operation鈥檚 lifecycle: including target selection, vulnerability discovery and exploitation, command and control (C2), lateral movement and privilege escalation, and action on objective. Notably, this array of opportunities are of particular utility to. Moreover, the growing sophistication of criminal groups鈥攐ften employing ransomware鈥攎ight mean that these techniques could also be leveraged by non-state actors sooner rather than later.

Importantly, cybersecurity is a two-way street. Just as defenders increasingly leverage AI for their own purposes, hackers will test and improve their malware in an effort to make it more resistant to the AI-based security tools they may encounter. As the IEEE points out, 鈥�.鈥� Given this interplay, the jury is still out on whether or not AI will provide greater advantages to the hackers or defenders of digital systems.听

听