(and how it’s shaping cybersecurity for decades to come)
First off, let’s define what we mean by AI (artificial intelligence), because the definition can be varied, depending on who you ask. For some, it’s Haley Joel Osmont’s character David laughing that creepy laugh during the dinner table scene in the Steven Speilburg film AI, or, if you’re of a certain age, it’s HAL 9000, the sentient computer who goes on a eerily calm murder spree in the cold vacuum of space in Stanley Kubrick’s 2001: A Space Odyssey.
(Personally, I am super nice to Alexa, in the hopes that when the machines do take over, she might put in a good word for me!)
But all kidding aside, what are we really talking about here? In the cybersecurity world, we’re looking at predictive AI, and most experts recognize that there have been three waves of development with this type of network protection:
- Wave One: Human developers created guidelines for AI to follow. The first phase of AI could solve complex problems. If you’ve ever seen a chess match between a computer and a human being, this is a classic example of First Wave AI. The AI was supervised during the entire process, and gathered data to form a baseline with which other data would be compared. Then the AI would look for anomalies in any new, incoming data. The issue programmers ran into was that the information collected for the baseline quickly became outdated because hackers were evolving faster than the data could be updated. Which led to the creation of the next phase.
- Wave Two: Supervised and unsupervised AI, also known as “machine-learning AI” were used to create guidelines by relying on methods such as classification, clustering, and regression, which are used to help with making predictions. Although it was considered superior to first wave AI, it still had some limitations. Second Wave AI doesn’t have the capacity to draw conclusions or make predictions based on its own reasoning.
- Wave Three: Unsupervised by humans, computers “self-supervise” and make decisions based on their own reasoning and analytics. Third Wave AI is able to draw new conclusions and increases its own learning capacity. It’s considered “context aware.” Operating systems using 3rd wave predictive AI can adapt to changing situations.
So, now that we know what predictive AI is, why is it important for cybersecurity? Before we answer that, it’s important to realize that you are most likely using predictive AI everyday without realizing it. If you’ve ever used Uber, Lyft, or DoorDash, their apps use predictive AI to determine what time you’ll arrive at your destination or when your food will arrive. Also, if you’ve ever fly on a commercial airline, the average flight only involves an average of seven minutes of human-steered flight time, typically during take offs and landings. The rest of the time? Autopilot, which—you guessed it—is a form of predictive AI.
In terms of AI used in cybersecurity, it’s often seen in things like anomaly detection, threat detection, and cybercrime prevention. One benefit is that Third Wave assesses each situation in real-time, as it’s unfolding. Typically, odds favor hackers, but with Third Wave, those odds are being evened.
Statistically, companies that were using Third Wave experienced far less issues with hacking issues like ransomware attacks during the Covid-19 shutdown. With millions of employees suddenly working from home with little to no training on how to avoid sophisticated phishing scams, cyber criminals jumped on the opportunity to exploit any weakness that resulted from workers using unsecured networks. And those who had Third Wave predictive AI were able to adapt more quickly than their counterparts.
Perhaps the most apparent example of this was the string of zero-day attacks that occurred at the end of 2020 on several government agencies, including the Department of Homeland Security and the National Institute of Health. Considered one of the boldest cyber crimes ever committed, many people wondered how this could have happened “on US soil.” That’s a discussion for another blog, but suffice to say that Third Wave predictive AI has the capability to respond much faster because it’s real-time threat detection, versus a rules-based evaluation of the events unfolding. It may not sound that impressive, but every second counts when someone is trying to steal sensitive data and make you pay a ransom for it.
And yet, many people don’t feel entirely comfortable with trusting AI to be responsible for their safety. We find ourselves back to a HAL 9000 conundrum. Tesla made headlines last year when several of its self-driving cars crashed, all within a short time frame of one another.
And there is also the growing concern that as AI evolves, many people will find themselves out of a job and obsolete. To be fair though, it’s already been proven that this concern is somewhat unfounded. Predictive AI has actually been shown to create jobs. A recent article by Forbes Magazine indicated that although AI will eliminate roughly 85 million jobs by 2025, it will create 97 million more.
The main concern for most people is the moral and ethical question on AI. The Campaign to Stop Killer Robots, chartered in 2013, lobbies governments to halt the development of drones and other AI-powered machines. Frank van Harmelen, an AI researcher based in Amsterdam stated, “Any computer system, AI or not, that automatically decides on matters of life and death — for example, by launching a missile — is a really scary idea.”
Van Harmelen may be thinking back to an incident in 1983 where former Soviet military officer Stanislawv Petrov averted a potential global nuclear war when he noticed that Russian computers had incorrectly sent out an alert that the United States had launched a preemptive nuclear missile strike.
And yet, the benefits of AI are hard to ignore. One of the main challenges of cybersecurity is staying ahead of hackers. Ransomware attacks have grown exponentially in the last few years alone, and their success rates are alarming. When federal governments and hospitals treating COVID-19 patients are targeted with no mercy, it makes the days when financial devastation being the greatest consequence of being hacked seem like child’s play. Right now, AI is the only way to assess threats in real time and shut them down before they inflict serious damage.
Many people are not comfortable becoming bedfellows with AI, and that’s something to continue to pay attention to as we continue in the 21st century. It’s not an either/or situation. While AI might work for some cybersecurity scenarios, obviously at least as much (if not more) consideration needs to be given in the areas for example, such as military AI or robo doctors.
It’s a trend we’ll keep you up to date on, and in the meantime, feel free to reach out to us with any questions or concerns you have when trying to assess just how safe you are from things like a ransomware attack. Buzz Cybersecurity provides free assessments and provides preventative care for all of your digital integrity needs.