copyright by www.csoonline.com
Given the speed and complexity of modern cyberthreats and the current cybersecurity skills shortage , network security teams need the assistance of machine learning and other AI-based capabilities in order to detect, secure, and mitigate modern attacks.
However, it should come as no surprise that while organizations are adopting AI to bolster their security efforts, cybercriminals are also adopting of things like agile software development, automation, and machine learning to potentially leverage AI themselves to better identify and more quickly exploit network vulnerabilities.
Due to the growing number and variety of IoT and OT devices entering network infrastructures, cybercriminals already have the opportunity and capability to launch rapid, complex attacks that these inherently vulnerable devices as entryways into corporate networks. The potential attack capabilities posed by AI will only further compound the threats to today’s digital transformation efforts.
As a result, AI may soon offers the means to either successfully secure or attack the IoT – effectively creating an AI arms race between cybersecurity professionals and cybercriminals. In order to protect digital transformations and maintain rigid security posture, it’s crucial that IT teams understand recent changes in cybercriminal strategies that could lead to an AI-driven threat environment in the next few years. They also need to understand which AI capabilities they need to begin to incorporate into their security stack now to maintain a consistent security posture while their network continues to evolve and expand.
The Shifting AI-Driven Threat Landscape
Cybercriminals have already begun leveraging automated and scripted techniques in an effort to drastically increase the speed and scale of their attacks. Thanks to these advanced capabilities, we’ve seen the volume of exploits skyrocket, rising 240 percent from Q1 to Q2 2018. T his strategy is also laying the groundwork for cybercriminals to eventually adopt AI to automatically map networks, assess vulnerabilities, choose attack vectors, and conduct penetration testing in order to deploy fully-customized and automated attacks.
If history is any guide, as legitimate AI capabilities continue to increase in today’s networks its adoption among cybercriminals is inevitable. Cybercriminals are undergoing their own digital transformation, and as a result, they are already leveraging things like agile development to quicken the pace of malware development to outpace manual threat analysis and outmaneuver modern security solutions. The eventual adoption of AI will accelerate this process further.[…]