Logo

The Data Daily

How Hackers Are Wielding Artificial Intelligence

How Hackers Are Wielding Artificial Intelligence

AI has proven itself to be a value-adding technology across the global economy.

As businesses found themselves scrambling to adapt to current events over the last few years, some of them found ways to cram half a decade’s worth –in Frito-Lay’s case– of digital transformations into a much shorter time frame.Harris Poll and Appen found thatAI budgets increased by 55%during the global pandemic.

Like any tool, artificial intelligence has no innate moral value. AI’s usefulness or potential for harm comes down to how the system “learns” and what humans ultimately do with it.

Some attempts to leverage AI – such as “predicting” crime before it happens – show that models trained on biased data tend to replicate human shortcomings. So far, training AI using data from the U.S. justice system has resulted in tragicallyprejudiced AI reasoning.

In other examples, humans choose more deliberate ways to leverage AI’s destructive potential. Hackers are showing their innovative tendencies yet again by using artificial intelligence to improve their attacks’ reach, effectiveness and profitability. And ascyberwarfare becomes more and more commonaround the globe, we will surely see the applications of AI in hacking develop even further.

Artificial intelligence provides a world of possibilities for businesses wishing to improve forecasting, business optimization and customer retention strategies. It’s also a windfall for those intent on compromising others’ digital sovereignty.

Here are a few ways artificial intelligence may be susceptible to discreet tampering and more overt efforts to turn it toward aggressive actions.

The chief advantage of AI for consumers and commercial enterprises is that it carries out predictable and repeatable acts of logic without human interference. This is also its greatest weakness.

Like any other digital construct, AI may be susceptible to penetration by outside forces. Hackers that access and compromise the machine logic powering AI could cause it to carry out unpredictable or harmful actions. For example, an AI tasked with industrial condition monitoring might deliver false readings or let maintenance pings go undelivered.

Since the entire point of AI investments is to eliminate human intervention and second-guessing results, the harm to infrastructure or product quality caused by an attack of this nature may not be noticed until catastrophic failure.

Another potential avenue for harm – especially where intellectual property (IP) and consumer or commercial data are concerned – is the notion of reverse engineering. Hackers may even steal the artificial intelligence code itself. With time enough to study how it works, they could eventuallyuncover the datasets usedto train the AI in the first place.

This could provoke several results, the first of which is AI poisoning. Other examples could involve hackers leveraging the AI training data itself to glean compromising information on markets, competitors, governments, vendors or general consumers.

Surveilling targets is likely one of the more unsettling implications of AI falling into the hands of hackers. AI’s ability to come to conclusions about a person’s abilities, knowledge areas, temperament, and the likelihood of falling victim to targeting, fraud or abuse is proving particularly worrying for some cybersecurity experts.

Artificial intelligence can ingest andreach surprisingly detailed conclusionsabout people, teams and groups based on some of the unlikeliest data points. An “engaged” or “distracted” individual might type quickly, fidget with the mouse or move between browser tabs quickly. A user who is “confused” or “hesitant” may pause before clicking on page elements or revisit multiple sites.

In the right hands, cues like these help HR departments boost employee engagement or help marketing teams polish their websites and sales funnels.

For hackers, signals like these could result in a surprisingly nuanced psychological profile of an intended target. Cybercriminals might be able to tell based on hints invisible to humans which people might be vulnerable to phishing, smishing, ransomware, financial fraud and other types of harm. It might also help bad actors learn how best to convince their targets that their fraud attempts come from legitimate sources.

Cybersecurity professionals published data on20,175 known security vulnerabilities in 2021. That was an increase over 2020, when there were 17,049 such vulnerabilities.

The world grows more digitally interconnected – some would say interdependent – by the hour. The world now hosts a dizzying number of small-scale and industrial networks, with billions of connected devices online and more on the way. Everything’s online, from condition-monitoring sensors to enterprise planning software.

Artificial intelligence shows promise inhelping cybersecurity teams rapidlyprobe for network, software and hardware vulnerabilities faster than humans could alone. The speed and scale of the growth of Earth’s digital infrastructure mean it’s almost impossible to search trillions of lines of code for security exploits to patch. This all has to happen while these systems are online due to the cost of downtime.

If AI is a cybersecurity tool here, it’s also a double-edged sword. Hackers can use the same mechanisms as the “white hat” IT crowd to carry out the same work: probing networks, software and firmware for vulnerabilities more efficiently than human IT specialists can.

There are too many AI applications in cybercrime to name them all, but here are a few more:

It seemed to take just one well-placed story abouthacking a jeep while it’s drivingto slow autonomous vehicle development to a crawl. One high-profile hack where AI acts as a lynchpin could cause a similar erosion in public opinion. Some polling shows the average American ishighly dubious about AI’s benefitsalready.

Omnipresent computing comes with cybersecurity risks – and both white hat and black hat hackers know it. AI can help keep our online lives secure, but it’s also the epicenter of a new digital arms race.

Images Powered by Shutterstock