Cybersecurity issues in the AI world

Cybersecurity vulnerabilities of AI/cognitive figure among top-three concern for all major countries. But, the foremost area of cybersecurity concern varies between countries.

Source: Based on global AI survey fielded as part of Future in the balance? How countries are pursuing an AI advantage, May 2019.

A recent Deloitte global study of AI early adopters revealed that more than four in 10 executives have “major” or “extreme” concerns about various types of AI risks, with “cybersecurity vulnerabilities” topping that list. At the same time, the reasons for these concerns vary among countries.¹

US executives are primarily concerned about hackers using AI to steal sensitive or proprietary data. Their Canadian counterparts, on the other hand, worry most about potential manipulation of AI data or algorithms. In France and Germany, executives are most concerned about adversaries using AI to automate tasks involved in executing cyber-attacks. French executives also expressed more concern than their counterparts from other countries about misuse of AI to impersonate authorized users and bypass cyber defenses. Executives in China worry most about bugs in AI/cognitive code that make a system vulnerable to potential cyber-attack.

These results show that executives at companies using AI today are aware of the range of threats to AI systems posed by hackers and other malicious actors. For instance, AI chatbots have emerged as a new doorway to cyber-attacks.²

Hackers are using AI technologies to create new cyber-threats as well. For example, the Emotet trojan malware is touted as a prototype AI-based cyber threat targeted at the financial services industry.³ With AI as part of their arsenal, cyber-criminals are getting creative. Some are starting to employ “deep fakes”—the use of AI to replicate and manipulate a person’s voice and image⁴—as a cyber-crime weapon. Recently, a CEO’s voice was falsified using AI to execute a fraudulent money transfer.⁵ Cyber researchers in Israel demonstrated the seriousness of AI-driven threats by developing malware that allows hackers to manipulate medical scans and produce fake cancer images, resulting in erroneous diagnoses.⁶

Although AI can expand the number of cyber-threats, it can be used to detect and mitigate them, too.

As outlined in Deloitte’s “Smart cyber” report, AI can augment predictive cyber-intelligence capabilities for organizations in several areas, such as risk-sensing, threat monitoring and detection, and automation of risk processes.⁷

AI technology solution providers have an opportunity to address emerging cybersecurity issues by, for example:

• Leveraging AI-enabled email-filtering services to detect anomalies and suspicious activities early-on, allowing for timely intervention and action.⁸
• Integrating AI-based machine learning into endpoint devices to identify malicious activities and respond to potential threats more quickly and accurately.
  
• Combining pattern recognition/natural language processing and next-generation firewall/threat detection solutions to build a more robust cyber-defense system.⁹

These and other solutions illustrate the potential of AI to become a powerful cybersecurity advantage rather than a threat.

This charticle authored by Karthik Ramachandran on September 11, 2019.

Subscribe to receive the latest charticle releases

Endnotes

¹ Jeff Loucks et al., “Future in the balance? How countries are pursuing an AI advantage,” Deloitte, May 2019. To obtain a global view of how organizations are adopting and benefiting from AI technologies, in Q3 2018 Deloitte surveyed 1,900 information technology and line-of-business executives from companies that are prototyping or implementing AI solutions. Seven countries were represented: Australia, Canada, China, Germany, France, the United Kingdom, and the United States.
² Paolo Passeri, “What can we learn from the chatbot attacks we’ve seen so far?,” Netskope blog, February 21, 2019.
³ William Dixon and Nicole Eagan, “3 ways AI will change the nature of cyber attacks,” World Economic Forum, June 19, 2019.
⁴ Jeff Loucks, “Lyin’Eyes: AI and Deepfakes,” Deloitte, October 2018.
⁵ Catherine Stupp, “Fraudsters Used AI to Mimic CEO’s Voice in Unusual Cybercrime Case,” The Wall Street Journal, August 30, 2019.
⁶ Kim Zetter, “Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists,” The Washington Post, April 3, 2019.
⁷ Nick Galletto et al., “Smart cyber: How AI can help manage cyber risk,” Deloitte, 2019.
⁸ See Dixon and Eagan, World Economic Forum.
⁹ Sam Bocetta, “Is AI fundamental to the future of cybersecurity?,” CSO Online, June 12, 2019; Marty Puranik, “AI-Powered Malware, Smart Phishing and Open Source Attacks, Oh My! The New Wave of Hacking in 2019 and How to Prevent,” CPO Magazine, May 2, 2019.