Listen to the audio version of the article
Artificial intelligence is transforming cyber security at its roots. There was some suspicion of this already with the arrival of ChatGpt, in particular with the first news of the use of generative AI by criminals, already in recent months. However, the news that has been savored in recent weeks is another, and it is positive: the “good guys” are starting to catch up on the “bad guys” and the first advanced artificial intelligence solutions for cyber security are arriving on the market. This was learned, among other things, on 24 October at the Sole24Ore Cybersecurity 2023 event; but the evidence that comes is numerous.
The global AI in cybersecurity market size is expected to grow from $8.8 billion in 2020 to $38.2 billion by 2026, according to a report by MarketsandMarkets.
The report also highlights that we will increasingly need AI in cybersecurity due to the growing number of cyber threats and the shortage of qualified cybersecurity professionals. In a certain sense, the use of AI in cyber is now necessary, both to solve ancient problems and because AI is increasingly used by criminals.
Beware: Since well before the pandemic, cybersecurity companies large and small have been showcasing AI solutions at industry trade shows, such as the annual Black Hat gathering in Las Vegas, Nevada. The companies promised that their latest solution would stop malicious hackers before they could do any damage. At the time, however, it was largely pure marketing. Something is changing thanks to the latest technological developments.
At this year’s Black Hat, officials from the US Government’s Defense Advanced Research Projects Agency (Darpa) announced the launch of the AI Cyber Challenge, a two-year competition aimed at creating cutting-edge cybersecurity systems powered by artificial intelligence and designed to protect the nation’s critical infrastructure. All the big names in the sector participate, such as OpenAI, creators of ChatGpt.
Current cyber threats with AI
At the same time, in that Black Hat, researchers from the cybersecurity startup HiddenLayer demonstrated to the media and potential customers how artificial intelligence can be used to crack online banking systems. In one case, AI helped convince the bank to approve a fraudulent loan application. Each time the application was rejected, the AI learned from the attempt and modified the request until it was accepted. Speaking of deception: there are already numerous examples of using generative AI to write effective phishing messages; it seems inevitable that the use of deepfakes (audio and video) made with AI to steal someone’s identity for the purpose of fraud will then spread. For example, to obtain a bank transfer in your favor from a company. In another case presented at the latest Black Hat, it was the AI itself that posed a vulnerability in the systems. The bank’s chatbot, powered by ChatGpt, was tricked by criminals into providing confidential financial information. «AI allows you to carry out cyber attacks simultaneously, automatically, quickly», explains Rosita Galiandro, head of the Exprivia Cybersecurity Observatory. Another well-known criminal use, reported by numerous security companies, is to get help from AI to write security code. a malware.
AI solutions for cyber
But luckily there is also good news. AI is opening a new era for cyber protection. Keep in mind that traditional cybersecurity approaches rely heavily on signature-based detection systems that are only effective against known threats. New and unknown threats can thus go unnoticed. AI-based solutions, on the other hand, use machine learning algorithms that can detect and respond to both known and unknown threats in real time. The advantages: more speed and more detection capacity. «AI reduces the average time for detecting a threat in a company by 112 days», says Stefano Rebattoni, vice president of Assolombarda with responsibility for Digital Transition and Technological Innovation. Cyber solutions with AI are therefore multiplying , as also noted by Gianluca Galasso, admiral, director of the National Cybersecurity Agency Operations Service. Galasso mentions two VirusTotal products released a few months ago. Crowdsourced AI, which focuses on PowerShell files, describing their behavior and providing predictions about their potential threat level. CodeInsight allows security experts and analysts to have deeper insight into the purpose and functioning of the analyzed code; thus improving the ability to detect and mitigate threats. Furthermore, in the autumn, as Galasso also notes, Microsoft’s Security Copilot, a chatbot assistant aimed at security experts, will arrive. The challenge of the future will be played on people. That is, on making human-machine collaboration work: between AI and experts. According to some of them, AI’s biggest help will be to ease the workload. There are not enough qualified professionals to fill all open cybersecurity jobs. If AI can identify potential threats, it will free up analysts’ time to evaluate and intervene. AI systems could also prove to be an important tool for training more cybersecurity professionals, helping them learn to do things like reverse engineering and breaking down code. In short: if AI proves to be a weapon at the service of the good, rather than the bad, it will not only be thanks to new useful cyber products; but above all if it will help experts work better.