How Can AI Change The State of Cybersecurity

Dmitri Koteshov
Digital Content Manager
March 7, 2018

According to Wikipedia, financial crimes are “crimes against property, involving the unlawful conversion of the ownership of property (belonging to one person) to one’s own personal use and benefit”. In the Internet age, financial crimes are often associated with cybercrime. Globally, this type of criminal activity is regarded as a major concern, and fighting cybercrime has become a top priority for both governments and corporations.

Financial data, health records, personal identifiable information (PII), intellectual property and basically any valuable data are subject to attacks. Cybercriminals employ highly profitable strategies like disrupting business operations via DDoS attacks or monetizing data access by advanced ransomware techniques.

However, when asked about cybercrime, most people would think of casual crimes like credit card theft, online scams, and identity theft. Still, there’s a darker side behind the story of a stolen password for a credit card: some cybercriminals stay in close cooperation with terrorist groups by providing funds for human and drug trafficking. Any device connected to the Internet is prone to attacks, and tech-savvy cyber terrorists make no difference whether it is an unprotected home computer or an inefficient corporate information technology system. Some basic fraud practices do not even require special knowledge, and anybody can buy tools on the black market to commit a cybercrime.  

The most popular ways to steal personal data include:

It’s worth saying that phishing attacks are the most prevalent among those. KnowBe4 – the world’s largest security awareness training and simulated phishing platform – sent test phishing emails to 6 million users only to find that the majority of them clicked on the link promising money gain. Simple as that.

Apart from preying on individuals, organized cyber attacks affect states at the national security level. But are countries ready for the alert? The stats aren’t convincing enough. James Gosler, one of the US top security experts, believes that there are up to 1.000 people with the necessary skills to defend the USA against the most complex cyber attacks out of the 20.000-30.000 professionals required. Thus, the problem is calling out for new measures, and one of these is the use of AI.

These days everybody’s heard “a little something” about artificial intelligence and machine learning. In 2018, they remain hot topics in every trend lists like this one. Nevertheless, despite high anticipations, we still wait for the brave new world to come in a form we all can understand. “We kind of noticed this huge gap,” a tech entrepreneur and investor Ben Lamm agrees. “Everybody has an emotional reaction to AI, everybody wants AI, nobody seems to know what that means.”

Even in the world of tech, the attitude towards AI varies from critique to praise. Elon Musk who stole all the biggest headlines in 2018, has repeatedly warned about the dangers of artificial intelligence, describing it as a potential threat to the human race. On the other hand, another tech-giant Mark Zuckerberg adheres to the opposite point of view saying he was “tired of the fear-mongering”.

This ambiguity is applied to the use of AI itself. Like any technology, it might be a new source of danger if falls into the wrong hands. “We have AI, but so do the bad guys,” says Ann Johnson, Microsoft’s Vice President, Enterprise & Cybersecurity. For instance, AI can help human cybercriminals to modify their attack patterns. As a rule, the implementation of a spear-phishing attack – simple, yet targeted and dangerous email-based threat – requires hackers to gather personal information about prospective victims. The use of AI systems can help gather and process large databases to connect identifying information in a much faster manner. In an interview to Computerworld Australia, Fortinet’s global security strategist, Derek Manky, told that “black hat attackers are getting in much quicker because of automated attack code. The time to breach is shrinking significantly. Their attack code is replacing human cycles. The human had to execute each stage of the kill chain themselves. We are now seeing code that is automating that process, taking the black hat human out of the picture.” Sounds menacing? Again, the use of AI is a two-way street: crime fighters armed with AI can prevent attacks by resorting to analytics and find out when something bad is going to happen. The picture will look like a game of chess played by grandmasters. Just imagine AI-driven attacks changing tactics and AI-driven defenses responding equally in real time.

This article wouldn’t be complete without mentioning another buzz word – blockchain.  Security analysts predict that this technology will be more widespread as a counter-attack measure. Fair enough, nowadays blockchain is mostly associated with the cryptocurrency market, but in the future things could change. To put it briefly, the blockchain splits up data into blocks and distributes them over a decentralized network. This way, as a result of its distributed nature, blockchain leaves no room for hackable entrance or a central point of failure. Thereby, this technology is more security-oriented, and this feature prevents criminals from accessing and compromising massive amounts of data all at once. Industries like banking and healthcare could be among the first to incorporate blockchain technology to raise their security level bar significantly. Another great advantage of using artificial intelligence is that they save considerable time for tech employees. As minor attacks sometimes demand for trivial solutions, AI-driven systems will take care of the situation on its own.

Another countermeasure lies within the cooperation between organizations. In round numbers, 80% of attacks follow the same pattern and execution: phishing, ransomware, trojan viruses, etc. Sure enough, these attacks will become more sophisticated or use another delivery techniques, but – generally speaking – they will remain the same in their essence. Therefore, an approach by which various institutions can share the information collected by their security systems seems to be only logical and beneficial. When a certain amount of data is collated and analyzed in conjunction, some patterns and everyday occurrences will become more evident for everyone. Sharing is caring, and this practice would undoubtedly give companies a hand in their fight against cybercrime.

However, at the moment, everything still depends on us, humans. The errors committed by employees of an organization make a major contribution to data loss incidents, and its widespread presence continues to rise on a global scale. “Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today”, comments Larry Ponemon, founder of the non-profit Ponemon Institute.

Considering the state of cybersecurity today, the implementation of AI systems can be a real game breaker. Undoubtedly, there’s still a lot of work to be done – for instance, 52% of cyber professionals believe that current systems aren’t accurate enough. However, these systems come with a number of substantial benefits that will empower cybersecurity professionals with more possibilities to fight cyber-attacks and safeguard their enterprise. Today, advanced AI techniques, like machine learning and deep learning, are possible because of more sophisticated algorithms and the vast amounts of available data. So give artificial intelligence time, and eventually, they will provide you with a dynamic edge over cyber terrorists.


8 Characteristics Of The Next-Generation Financial Services Websites

When it comes to the face of business, it is important to change it over the time to keep up with the pace of innovation. Digital revolution sets its own rules on the way business is transformed. Brick-and-mortar shops are empowered with online versions, face-to-face payments – with one-click purchases,...

Smart vs. Ricardian Contracts: What’s the Difference?

We continue to explore the world of the blockchain, and one of the conspicuous notions in this field is called “a smart contract”. In this article, we’re going to find out what the difference between a smart and a Ricardian contract is. However, before diving into the details, let’s answer...
insurance innovation

Insurance And Innovation: How Technology Disrupts Traditional Business

“The threat that inspires” – here’s how insurtech is referred to in media. Indeed, the innovation that comes to the industry has the disruptive nature. Well, it’s very early days for insurtech startups to transform the market but high customer expectations and rough competition encourage industry leaders to weigh the...

Chatbots: the Future of Digital Banking

Let’s start with myth-busting, shall we? AI-powered chatbots aren’t solely used for communication purposes. It would be fair to begin with this statement as, contrary to popular belief, bots are bigger than they may seem to the general public. In fact, more and more financial institutions are starting to consider...