Did you know Microsoft’s source code was successfully breached by Russian hackers?
The company admitted the incident late last year, and it shocked the world. Surely, small companies and even larger ones with faulty security could be hacked. But one of the largest technology corporations in the world?
Naturally, this leads to the question: if Microsoft can be hacked, what about your business?
In the end, it appears artificial intelligence was the core tool used in the attack.
Carl Fransen takes a closer look at AI and what you need to know about it to keep your business protected. Discover more about CTECH at ctechgroup.ca
3 Peas in a Pod: Your Company, Hackers, and AI
Say your company’s security team has developed a full-proof two-step verification sign-in process that requires you to enter a password followed by a keyword phrase. Only your own voice can unlock the account.
Seems like an impenetrable system, right?
Again, only your voice works. How could anyone hack it unless they had a knife to your throat and were making you speak (unlikely)? How could it go wrong?
What Is AI?
AI (artificial intelligence) encompasses a large range of computer intelligence systems that are so “smart,” they can replicate tasks normally only carried out by humans.
Another of the key features of artificial intelligence programs is that they can learn. Let them run, leave them on autopilot, and they’ll get better and more advanced with time.
Sort of creepy, right?
While it may be bizarre, it’s the norm these days. Artificial intelligence has infiltrated a vast number of our computers and computer systems. In fact, whether you know it or not, your cybersecurity company is likely using AI to protect your company. That is, the best cybersecurity companies use at least some form of AI as protection.
And while this is good, it may not be good enough.
How Hackers Are Harnessing AI
Here are a few of the AI-based tactics hackers have been using to attack companies, nation-states, and other entities:
- Identification of the best targets for phishing
- Impersonation of the top trusted user voices and writing: AI can replicate voices, writing tone, language use, and more.
- Creation of custom websites with malicious, hidden intents
To further complicate the use of AI as it relates to cybersecurity, you never know what exactly hackers are working on, which means you must put barriers at all doors.
It could be an attempt to modify your training data so that when you think you’re training your own AI-enabled security software to fend off attacks, their software is actually teaching their attackers just how to infiltrate your defenses. Or, it might be an effort to create an autonomous program that continually launches large numbers of concentrated attacks against only your company.
In the game of cybersecurity, defense is far more complicated than offense. AI security teams must be constantly vigilant against what hackers might possibly be working on.
What Can Executives Do to Protect Their Companies?
First of all, if you’re reading this, you’re concerned about your company’s cybersecurity.
Many C-level executives don’t even have security on their immediate radar and consider a hack or breach as a far-off, unlikely possibility.
We know this couldn’t be further from the truth.
Cybercriminals’ main objective is to hack your company’s systems and compromise your data or steal it outright. They work diligently in pursuit of this goal, which only means we have to work even more diligently on your protection.
So, here’s what you can do:
Speak to your cybersecurity company about their approach to AI.
Make sure artificial intelligence is on their radar. If they brush it off or say they do only a minimal amount of prevention in this area, you may want to switch security companies.
Ask your security company about AI as a threat response instead of AI only as threat detection.
To be fair, vendors have only been gone creating AI-enabled software that’s able to predict AI hacks as well as respond to them. But again, these concepts should definitely be on the radar of your cybersecurity company if they are serious about protecting your data and systems access.
Keep your finger on the pulse of AI security.
You don’t need to make this your primary concern (after all, you have a business to run). However, you should be aware of new developments and increasingly popular threats.
In the end, we have to realize that artificial intelligence is a tricky double-edged sword. On one hand, it can work against us as a tool used by the most sinister and genius cyber attackers.
On the other hand, it’s also the antidote to the very same problem. With the best and most advanced AI on our side, we can leverage hackers’ own “powers” against them and fend off attacks.