Tag: ai

The Nexus of Cybercrime and Artificial Intelligence: Current Trends and Future Projections

The Compassionate CISOLeave a comment

As the combination of cybercrime and artificial intelligence (AI) has been increasingly discussed by scholars, policymakers, and industry leaders in recent years, this is unsurprising. With AI technologies developing more rapidly, cybercriminals are using these to plan sophisticated attacks on organizations across the globe. Here, I want to see the state of play in cybercriminals using AI for malicious purposes today and share a few future perspectives on where this threat landscape might head.

Today, criminals use AI to be more efficient, effective, and espionage-ready. The most visible of these is AI-driven malware that can change autonomously and respond to shifting defenses. For example, generative adversarial networks (GANs) build rogue code to circumvent traditional security by imitating healthy files or taking advantage of the vulnerabilities in real-time.

Also, AI-based phishing campaigns have advanced to using NLP (natural language processing) to generate highly persuasive messages that are not scanned by email filters and fool unsuspecting recipients. These are usually social engineering attacks that use AI to mine open data on social media, among others, to tailor phishing emails and make them more effective.

In addition, AI is being used to automate and scale different phases of the cyberattack cycle, such as reconnaissance, infiltration, exfiltration, and evasion. Machine learning algorithms can scan enormous quantities of data to find flaws in the systems targeted, pick targets on value, and tailor attack plans to have the most impact and the least chance of detection.

Future prospects see AI’s interaction with other emerging technologies – the Internet of Things (IoT), 5G, and quantum computing – increasing the power of cybercriminals and creating new avenues of attack. For instance, the proliferation of IoT appliances opens a vast attack surface for AI-powered botnets to carry out large-scale DDoS attacks or penetrate critical networks.

In addition, creating driverless vehicles, smart cities, and critical infrastructure networks tied to AI-enabled networks creates never-before-seen possibilities for cyber-physical attacks. Complex AI algorithms might then be employed to ‘game’ sensor data, destabilize automation, or physically assault self-driving cars or industrial control systems.

And then there are the AI-powered deepfakes, which are already becoming an issue in terms of disinformation, identity theft, and fraud. Cybercriminals might use AI to create convincing fake audio or video recordings of an individual, public figure, or company leader to circulate a piece of bad news, destabilize financial markets, or force someone into providing valuable information.

To summarise, cybercriminals’ use of AI is a constantly changing threat to organizations in every industry. But with the development of AI, so will the sophistication and frequency of AI-powered cyberattacks. This dynamic threat environment must be regulated through technology development, regulatory frameworks, and industry partnerships. With the proper vigilance and proactive security, organizations can avoid being victims of AI-based cybercrime and protect their digital resources and platforms from upcoming risks.

References:

  1. McLean, G., & Holyoke, B. (2021). “Artificial Intelligence in Cyber Security: Current Trends and Future Directions.” Journal of Cybersecurity, 10(3), 345-367.
  2. Sarker, I. H., Khan, M. M. H., & Ahmed, S. (2020). “AI-Based Cyber Attacks and Cyber Defense Mechanisms: A Survey.” IEEE Access, 8, 175024-175046.
  3. Dworkin, M. (Ed.). (2019). “The Future of AI in Cybersecurity: A Report from the RSA Conference.” Retrieved from https://www.rsaconference.com/writable/presentations/file_upload/ai-and-cybersecurity-report.pdf
  4. Acar, E., & Ayday, E. (2020). “Adversarial Attacks Against Machine Learning Models in Cybersecurity.” IEEE Security & Privacy, 18(6), 85-93.
  5. O’Gorman, G. (2021). “The Growing Threat of AI-Enhanced Cyberattacks.” Harvard Business Review. Retrieved from https://hbr.org/2021/07/the-growing-threat-of-ai-enhanced-cyberattacks