Are We in the Era of AI-Powered Cyber-Warfare?

August 22, 2019 - 7 minutes read

For almost the entirety of its relatively short history, the US has been engaged in one conflict or another. Over the past few decades, technology and science have increasingly been used in these battles. As a result, threats can come in many shapes and sizes today.

But our biggest undeclared war right now doesn’t involve drones, nuclear programs, or any of the other technologies that usually take up headlines when it comes to this topic. In fact, our biggest war right now takes place on a completely different battlefield: Cyberspace.

We’re entering an era where victories and defeats are being solely determined by cyber-warfare. And due to recent developments, artificial intelligence (AI) and machine learning are starting to play a central role in these fights.

A Short US Cyber-Warfare Primer

What exactly constitutes a cyber attack? Well, it’s quite broad. Cyber attacks could mean “attacking systems during peacetime — such as our power grid or election systems — or it could be during wartime in which case the attacks may be designed to cause destruction, damage, deception, or death,” explains Greg White.

White is the Executive Director at the University of Texas at San Antonio’s (UTSA) Center for Infrastructure Assurance and Security (CIAS). He’s also an Air Force veteran who has worked in cybersecurity since 1986.

While White’s definition covers a wide scope, you don’t have to look far in the past to find pertinent examples. The 2016 US presidential election was infamously plagued by Russian interference which resulted in the spread of misinformation and fake news. That same year, Mirai caused extensive Internet outages across the U.S. east coast. And of course, who could forget the Equifax hack which compromised the data of 143 million people?

But when did cyber-warfare begin for the US? White says that it can be traced back to the early 1990s. “We started experimenting with cyber attacks during the first Gulf War,” he explains. Over the next couple of decades, cyber-warfare evolved to reach the masses. “What is really interesting is the use of social media and things like websites for [psychological operation] purposes during a conflict,” says White.

Where We Stand Now

A group known as Unit 26165 is believed to be responsible for Russia’s interference in the 2016 US presidential election. But this was far from the only assault waged by Russian hackers. In recent years, they’ve attacked critical infrastructure in energy and manufacturing as well as a variety of US government entities.

But the US isn’t one to back down. Per The New York Times, the US has infiltrated Russian electric grid control systems with reconnaissance probes. And more recently, the US Cyber Command placed “crippling malware” inside Russia’s power grid. This could have far-reaching effects down the line. White explains, “Access to the power grid that is obtained now could be used to shut something important down in the future when we are in a war.”

Besides these actions, it’s clear that the US is prioritizing cybersecurity when you examine its financial activity. The country’s 2020 fiscal budget is setting aside $17.4 billion for cyber-related activities, with the Department of Defense (DoD) taking up $9.6 billion of that amount alone.

But despite these mounting efforts, one factor could curb the cybersecurity aspirations of the US: Lack of skilled workers.  According to the non-profit IT security organization (ISC)², three million cybersecurity jobs are projected to go unfilled globally in the near future.

While many institutions like UTSA are trying to fill this gap, White remains doubtful that can ever be done. “I’ve been preaching that we’ve got to worry about cybersecurity in the workforce, not just the cybersecurity workforce, not just cybersecurity professionals,” he says. “Everybody has a responsibility for cybersecurity.”

How AI Enters the Picture

Unfortunately, humans often represent the biggest risk in cybersecurity. And not just outsiders with malicious intent — many breaches are the result of insiders. As a result, automation has become commonplace in cybersecurity. White explains, “Humans can’t react as fast as systems can launch attacks, so we need to rely on automated defenses as well.”

AI, machine learning, and other automation methods are already being employed for a variety of applications, like pattern analysis, which strives to identify any behaviors that are indicative of an attack in progress. “What we are seeing quite a bit of today falls under the heading of big data and data analytics,” White says.

But what if AI is applied to the other side of the cybersecurity equation? What if hackers used it to gain an upper hand? According to Michelle Cantos, Stategic Intelligence Analyst at FireEye, a cybersecurity firm, AI could certainly help nefarious parties increase the number of cyberattacks they mount.

“Current AI technology used by businesses to analyze consumer behavior and find new customer bases can be appropriated to help attackers find better targets,” Cantos explains. “Adversaries can use AI to analyze datasets and generate recommendations for high-value targets they think the adversary should hit.”

Parts of this concept have already been put into action by security researchers. The Social Network Automated Phishing with Reconnaissance system (SNAP_R) was able to generate 400% more spear-phishing tweets on Twitter than a human and was shown to be just as capable as humans at targeting victims for sensitive information.

Luckily, for now, it seems that AI is mostly being used to help protect us against cyber attacks. But make no mistake, a new era of automated cybersecurity is coming. And as White alluded to, it doesn’t matter if you’re a tech developer in San Francisco, financial analyst in New York, or government agent in Washington, D.C. — everyone is responsible for robust cybersecurity.

Tags: , , , , , , , , , , , , , , ,