Fighting AI with AI

Callan Abrahams, Principal AI Consultant, iOCO.

---

It’s every business leader’s worst nightmare: You wake up on a Friday morning to discover that you supposedly approved a R35 million payment, and the money has been removed from your company’s bank account. Your staff swears they spoke to you, but you never authorised any transactions. The prospect of a sleepless weekend looms ahead of you as you struggle to mitigate the effects of the cyber attack.

This scenario is more common than you would think. AI-generated deepfakes, where cyber criminals can replicate a trusted person’s face, voice and even fingerprints, are increasingly being used to infiltrate organisations, allowing the criminals to steal millions from companies around the world.

With the rise of artificial intelligence (AI) helping cyber criminals orchestrate attacks more effectively, security has turned into an AI-driven arms race. When hackers innovate as fast as your organisation does, and when their infiltration of your company’s network looks, sounds and feels like an authorised user, your only option is to fight their AI with better AI.

Internationally renowned cryptographer and cyber security evangelist Bruce Schneier points out that humans began gainfully exploiting vulnerabilities in systems – hacking – long before there were any computers, in his book, A Hacker’s Mind. He says that any time there is a complex process constrained by rules and norms, people will find ways to profitably subvert the goals of that system without breaking it, whether those systems are computers, frequent-flier programmes, professional sports contests or democratic institutions.

AI is helping cyber criminals take this to the next level, helping them automate attacks, develop undetectable malware, crack passwords and analyse data for targeted attacks. Hackers have even started using AI to ensure the English in their phishing messages is correct and believable.

AI algorithms can help hackers launch large-scale attacks on many companies at once, and the technology is helping create malware that is harder to detect. Some hackers no longer have the “smash and grab” mentality. Instead, they gain access to the system, monitor and learn user behaviour by collecting user data, and use this to commit crimes like the deepfake attack on a bank in Hong Kong that resulted in $35 million being stolen. Another crime that is increasing in popularity is AI kidnapping or data heists. These types of attacks occur when hackers manipulate recommendation engines or credit scoring models and other AI models in large organisations for evil purposes. Most frightening is the fact that hackers are becoming more sophisticated, and there are even rumours that they have their own large language models, allowing them to stay ahead of most cyber security measures.

As AI-driven threats continue to grow, companies are turning to AI to safeguard their digital systems and information. With the detection and remediation of threats going into dozens, if not hundreds of days using traditional methods, organisations are starting to use AI to save time and become more proactive when identifying breaches.

AI allows us to work more intelligently, and is being used to investigate threats, identify issues, report on a particular problem and research specific threats. Using AI, we are able to visualise a great deal of information, and the connections between different data points, far more effectively. AI is also allowing us to enrich reporting data, enabling far more meaningful reports.

In the past, security teams struggled to identify behaviour patterns that would indicate malicious activity. AI allows security teams to detect threats faster and respond to incidents quicker, recognising patterns that may be difficult for the human eye to spot. AI can scan scores of devices for potential vulnerabilities in a fraction of the time it would take human operators to do the same task, and AI analysis of large volumes of security data can be done in infinitesimal increments compared to human analysts.

AI-powered automation also plays a crucial role in tasks like vulnerability scanning and patch management as well as detection of new and emerging malware. Most importantly, AI is invaluable in streamlining incident response processes, providing real-time alerts and recommendations, allowing human security analysts to focus on more complex and critical tasks. In fact, as organisations integrate natural language processing (NLP) functionality across their defensive measures, they can add an extremely efficient new staff member to their team: A chatbot that can draw on a knowledge base far faster, and far more more effectively, than a human could.

Cyber security expert Mikko Hypponen famously said: “If it’s smart, it’s vulnerable.” As our organisations become smarter, and as we continue to add technology like biometrics to our security toolkits, we are going to need a more intelligent means to identify threats and defend against them.

We have to start understanding that biometric information is no longer sacred, and that the e-mail from your supplier asking for immediate payment may not be from that organisation at all. Dynamic policies and threat detection are therefore essential. However, cyber security needs to be more than just a policy – cyber security is no longer just the IT department’s problem, and everyone in the organisation needs to not only be aware of how bad actors access company information, but how to help defend against threats. In light of this, a zero-trust policy must be part of daily organisational operations.

By investing in the right AI solutions and cyber security defences, we can ensure our organisations stay a step ahead of the bad actors, making sure that AI is used for good, not for evil. As the threats out there continue to grow, we will need more skilled people to defend our organisations. Cyber security offers a huge opportunity for job creation for young South Africans, particularly in light of the fact that it’s relatively easy to get started through online training programmes and there is a huge demand for these skills globally.