{"id":5064,"date":"2021-02-16T08:17:00","date_gmt":"2021-02-16T08:17:00","guid":{"rendered":"https:\/\/techclot.com\/index.php\/2021\/02\/16\/when-bad-actors-have-ai-tools-rethinking-security-tactics\/"},"modified":"2021-02-16T08:17:00","modified_gmt":"2021-02-16T08:17:00","slug":"when-bad-actors-have-ai-tools-rethinking-security-tactics","status":"publish","type":"post","link":"https:\/\/techclot.com\/index.php\/2021\/02\/16\/when-bad-actors-have-ai-tools-rethinking-security-tactics\/","title":{"rendered":"When bad actors have AI tools: Rethinking security tactics"},"content":{"rendered":"

When bad actors have AI tools: Rethinking security tactics<\/a><\/p>\n

\n
\n
\n
\n
\n

How can you prepare for a reality where bad actors use Artificial Intelligence technology to cause disruption? The good news is AI can help you bolster your security against such threats, too<\/h2>\n<\/p><\/div>\n<\/div><\/div>\n<\/p><\/div>\n<\/div>\n
\n
\n
\n
\n
\n
\"robotic<\/figure>\n<\/div>\n<\/div><\/div>\n<\/p><\/div>\n<\/div>\n
\n
\n
\n
\n
\n
\n

Cloud-stored data is suddenly encrypted, followed by a note asking for ransom or threatening public embarrassment. Corporate email addresses become conduits for malicious malware and links. An organization\u2019s core business platform abruptly goes offline, disrupting vital communications and services for hours.<\/p>\n

We\u2019ve learned to recognize the familiar signs of a cyberattack, thanks to the growing array of well-publicized incidents when threat actors from nation-states or criminal enterprises breach our digital networks. Artificial Intelligence<\/a> is changing this picture.<\/p>\n

[ Read also: 5 approaches to security automation<\/a> and How to automate compliance and security with Kubernetes: 3 ways<\/a>. ]<\/strong><\/p>\n

With AI, organizations can program machines to perform tasks that would normally require human intelligence. Examples include self-driving trucks, computer programs that develop drug therapies, and software that writes news articles and composes music. Machine learning<\/a> (ML) is an application of AI that uses algorithms to teach computers to learn and adapt to new data.<\/p>\n

AI and ML represent a revolutionary new way of harnessing technology \u2013 and an unprecedented opportunity for threat actors to sow even more disruption.<\/p>\n

What do these emerging adversarial AI\/ML threats look like? How can we take the appropriate measures to protect ourselves, our data, and society as a whole?<\/p>\n

Myriad opportunities for manipulation<\/h2>\n

Step one in cybersecurity is to think like the enemy. What could you do as a threat actor with adversarial AI\/ML? The possibilities are many, with the potential impact extending beyond cyberspace:<\/p>\n

You could manipulate what a device is trained to see \u2013 for instance, corrupting training imagery so that a driving robot interprets a stop sign as \u201c55 mph.\u201d Because intelligent machines lack the ability to understand context, the driving robot in this case would just keep driving \u2013 over obstacles or into a brick wall if these things stood in its way. Closer to home, an adversarial AI\/ML attack can fool your computer\u2019s anti-virus software into allowing malware to run.<\/p>\n

You could manipulate what humans see, like a phone number that looks like it\u2019s from your area code. \u201cDeepfakes\u201d are a sophisticated \u2013 and frightening \u2013 example of this. Manufactured videos of politicians and celebrities, nearly indistinguishable from the real thing, have been shared over social media among millions of people before being identified as fake.<\/p>\n

Furthermore, you can manipulate what an AI application does, like Twitter users did with Microsoft\u2019s AI chatbot Tay. In less than a day, they trained the chatbot to spew misogynistic and racist remarks.<\/p>\n

Once a machine learning application is live, you can tamper with its algorithms \u2013 for instance, directing an application for automated email responses to instead spit out sensitive information like credit card numbers. If you\u2019re with a cybercriminal organization, this is valuable data ripe for exploitation.<\/p>\n

You could even alter the course of geopolitical events. Retaliation for cyberattacks has already been moving into the physical world, as we saw with the 2016 hacking of Ukraine\u2019s power grid. Adversarial AI ups the ante.<\/p>\n

[ Check out our primer on 10 key artificial intelligence terms for IT and business leaders: <\/b>Cheat sheet: AI glossary<\/b><\/a>. ]<\/b><\/p>\n

Getting ahead of bad actors<\/h2>\n

Fortunately, as adversarial AL\/ML tactics evolve, so are cybersecurity measures against them. One tactic is training an algorithm to \u201cthink more like a human.\u201d AI research and deployment company Open AI suggests explicitly training algorithms against adversarial attacks<\/a>, training multiple defense models, and training AI models to output probabilities rather than hard decisions, which makes it more difficult for an adversary to exploit the model.<\/p>\n

Training can also be used in threat detection \u2013 for example, training computers to detect deepfake videos by feeding them examples of deepfakes compared with \u201creal\u201d videos.<\/p>\n

IT teams can also achieve \u201can ounce of prevention\u201d through baking security into their AI\/ML applications from the beginning. When building models, keep in mind how adversaries may try to cause damage. A variety of resources, like IBM\u2019s Adversarial Robustness Toolbox<\/a>, have emerged to help IT teams evaluate ML models and create more robust and secure AI applications.<\/p>\n

Where should organizations start their efforts? Identify the easiest attack vector and try to bake it directly into your AI\/ML pipeline. By tackling concrete problems with bespoke solutions, you can mitigate threats in the short term while building the understanding and depth needed to track long-term solutions.<\/p>\n

\n
\n
\n

MORE ON ARTIFICIAL INTELLIGENCE AND SECURITY<\/p>\n<\/p><\/div>\n<\/div>\n<\/div>\n

Attackers armed with AI pose a formidable threat. Bad actors are constantly looking at loopholes and ways to exploit them, and with the right AI system, they can manipulate systems in new, insidious ways and easily perform functions at a scale unachievable by humans. Fortunately, AI is part of the cybersecurity solution as well, powering complex models for detecting malicious behavior, sophisticated threats, and evolving trends \u2013 and conducting this analysis far faster than any team of humans could.<\/p>\n

[ Get the eBook: Top considerations for building a production-ready AI\/ML environment.<\/a> ]<\/strong><\/p>\n<\/div>\n<\/div>\n<\/div><\/div>\n<\/p><\/div>\n<\/div>\n

Published at Tue, 16 Feb 2021 06:56:15 +0000<\/p>\n

The future of online learning: the long-term trends accelerated by Covid-19<\/a><\/p>\n

[unable to retrieve full-text content]<\/em><\/p>\n

Domingue points to artificial intelligence<\/b> (AI) and the concept of an online library for educators based on a Google search engine dedicated to education, …
Published at Tue, 16 Feb 2021 06:56:15 +0000<\/p>\n","protected":false},"excerpt":{"rendered":"

When bad actors have AI tools: Rethinking security tactics How can you prepare for a…<\/p>\n","protected":false},"author":3,"featured_media":5065,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-5064","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-artificial-intelligence"],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/techclot.com\/wp-content\/uploads\/2021\/02\/cio_robot.png?fit=620%2C350&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p3orZX-1jG","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/posts\/5064","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/comments?post=5064"}],"version-history":[{"count":0,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/posts\/5064\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/media\/5065"}],"wp:attachment":[{"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/media?parent=5064"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/categories?post=5064"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techclot.com\/index.php\/wp-json\/wp\/v2\/tags?post=5064"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}