How businesses can safeguard against rogue AI

Artificial intelligence has become a powerful weapon against cybercrime in recent years, but it’s only a matter of time before the hackers start wielding it on a large scale


illustration of robot shielding a man from explosions

Three decades after a US university student called Robert Tappan Morris was convicted of launching the first widely known malware attack on the internet, cybercrime has become big business, costing the global economy an estimated £2.1m a minute.

Internet service provider Beaming reports that cybercriminals are launching increasingly sophisticated attacks on an “unprecedented scale”. The pandemic has exacerbated the situation because it has prompted a sharp rise in remote working, which has enabled them to target vulnerabilities in domestic internet connections to attack corporate systems. In 2020, the average UK business faced 686,961 attempts to breach its systems – 20% up on the previous year’s figure – according to Beaming. That equates to an attack every 46 seconds. 

Facing this relentless onslaught, organisations of all sizes have had to up their game. For many, artificial intelligence has become key, as it can detect irregularities and pinpoint potential threats with much greater accuracy than traditional defences.

Defensive AI is absolutely necessary to fight offensive AI. Humans alone cannot do this

An important breakthrough in the fight against cybercrime came in 2013 when a company called Darktrace created a defensive AI system that was “capable of watching over critical data 24/7 and detecting attacks in their earliest stages. This changed the game for defenders,” says Abhay Raman, chief security officer at Sun Life. “In 2016, the same inventors created an autonomous-response system – tech that can fight back against cyberattacks on its own. This is the present and future of data security.”

The rise of offensive AI 

Unfortunately, where cybersecurity experts lead, hackers follow. They learn from each other in this game of cat and mouse, with both sides continually innovating in their efforts to outwit the opposition. 

As a result, 96% of IT security professionals are braced for AI-powered attacks in what’s likely to be another pivotal moment in cybersecurity, according to Darktrace. 

The company’s director of threat hunting, Max Heinemeyer, explains: “AI will be a powerful tool for cybercriminals. It means that attacks can be scaled up. They can propagate through systems faster and be more targeted in their action. As fully AI-powered attacks loom on the horizon, a shift in security defences is already under way.”

Hackers can use AI to create sophisticated malware capable of replicating trusted systems, improving its ability to unleash widespread and undetectable attacks. 

“Attackers are starting to reap the advantages of AI for themselves,” Raman says. “We’ve seen deep fakes, but it can also be used in more subtle ways – for instance, to create highly convincing emails impersonating trusted people in your network or to help malware target high-value data sets in a corporate network.”

The reality is that traditional cybersecurity tech will struggle in the face of this new threat, warns Heinemeyer, who adds: “As we enter this new threat era, organisations will need to embrace next-generation technology to protect themselves from intruders. It’s imperative that we use AI to defend against AI-powered attacks. Defensive AI can take highly targeted action to neutralise an attack without disrupting normal business operations. It can do this autonomously and, crucially, at machine speed, which allows human responders to take stock and plan from behind the front line.” 

In the war of algorithms, it will become a matter of who deploys AI fastest. Fortunately, experts believe that defensive AI may have the upper hand. The effectiveness of the tech relies upon robust information – and cybersecurity firms possess a wealth of data on recent attack methods and patterns.

“Defensive AI is absolutely necessary to fight offensive AI. Humans alone cannot do this,” Raman says. “Autonomous-response technology is already combating some of the most sophisticated attacks out there at machine speed, empowering thousands of enterprises to continue their normal operations even as attackers try to strike. This computer-speed response will be critical to stopping offensive AI, which will be fast and intelligent.”

Human defences 

While large, financially robust organisations have been the traditional target of sophisticated cyberattacks, hackers are increasingly setting their sights on small and medium-sized enterprises, which tend to be softer targets. As such, it will be more important than ever for these businesses to protect themselves, which includes ensuring that their employees adhere to basic IT security principles. 

Hackers are only too aware that one of their best routes into a corporate system is through human error. A survey of 2,000 workers in the US and UK by email security firm Tessian in April 2020 found that 43% of respondents had made mistakes with cybersecurity ramifications, either for themselves or for their companies.

Businesses should focus on the fundamentals and implement a multilayered approach to cybersecurity, according to Kelvin Murray, senior threat researcher at Webroot International. 

“This should involve using appropriate software and security knowledge, which should then be underpinned by a consistent education programme to improve employees’ vigilance,” he says. “Security training and the establishment of proper online etiquette would be a good start, coupled with comprehensive best-practice guides for passwords and system policies to maintain effective defences.”

The government’s National Cyber Security Centre (NCSC) recommends that firms run security-awareness campaigns that focus on positive messages about what staff can do to help protect the business. According to the NCSC, businesses should collaboratively build security that works for people in the organisation, delivering “small, frequent chunks” of training to make the information more digestible. 

Quite simply, enterprises will need to deploy tactics ranging from defensive AI to employee education programmes if they are to protect themselves, as the cybercriminals’ weaponry achieves the next level of sophistication.