Firewall Security Company India Complete Firewall Security Solutions Provider Company in India
The New Battlefield in Cybersecurity, ETCISO
From the battlefield to the datacenter, artificial intelligence (AI) may become the dominant factor in determining the outcome of any conflict. With parallels to the harnessing of nuclear fission back in the 1940s, AI seems to be reaching a tipping point, radically changing the nature of conflict and potentially altering the balance between attackers and defenders.
Already used extensively in the optimization of data analysis, logistics and decision-making, AI has pervaded all sectors – including military. On the battlefield, the most prominent use so far, recently demonstrated to devastating effect in Russia and Ukraine, has been in unmanned aerial vehicles (UAVs). These range from quadcopters that serve as kamikaze-like munitions as well as delivery systems capable of firing multiple missiles and returning for resupply like piloted aircraft.
Once purely the stuff of science fiction, the prospect of future battles being fought between robotically augmented human warriors and their supporting drones (either individual or in swarms) now seems not only plausible but likely. Certainly, AI is set to play an increasingly important role in future conflict and heralds a likely revolution in military affairs.
Unsurprisingly, the influence of AI in cyberwarfare promises to be greater still and possibly to be evolving even faster.
The Rise of GenAI
The explosion of AI into public awareness is mostly due to the recent emergence of powerful generative AI (GenAI), enabled by advances in processing speed and deep learning models that enable GenAI to be increasingly powerful and affordable.
However, in addition to GenAI, we see continued advances in discriminative/predictive AIs that is central to both AI-powered automation and cybersecurity. Predictive AI has been a cornerstone of cyberthreat research and response for over a decade, and FortiGuard Labs (Fortinet’s threat research organization), derives actionable threat intelligence from the billions of pieces of security data it collects each day.
But while discriminative AI continues to play a vital role in cyber-defense, the revolution in GenAI is a tide that raises all boats – both friendly and foe.
Cyberthreats Increasing in Volume and Variety
Unlike discriminative AI, which focuses on predicting what category a new piece of data belongs to, GenAI can synthesize entirely novel data including text, images and, most significantly in this context, computer code. As such, GenAI is poised to democratize the development of software, increasing the number of vulnerabilities malicious actors exploit from its current level of less than 5% of the total and broadening the variety and diversity of attacks. Furthermore, GenAI can generate code much faster than human programmers, potentially shrinking the time window between public disclosure of new vulnerabilities and the emergence of malware to exploit them.
So, while customers might typically have had days or even weeks to apply vendor-created patches or workarounds for newly discovered vulnerabilities, with GenAI, we may soon see exploits in the wild within hours or even minutes. Furthermore, attackers can use GenAI to quickly analyze new patches and security response tactics and produce new variants to evade or defeat them.
In addition to its use in the coding of exploits, GenAI is also being used to increase the credibility of phishing and other social engineering attacks, creating ever-more convincing text, voice, and even deep-fake video interactions with victims.
Even the reconnaissance phase of cybercrime (identifying the most lucrative potential victims and mapping their networks) is being transformed by AI, increasing the breadth, speed, and accuracy of pre-attack examination and assessment of potential targets.
Intelligent, Automated Cybersecurity – Is it Enough?
Of course, as well as enabling malicious cyber actors to search for vulnerabilities, AI is being used to find bugs and mitigate potential security flaws in legitimate software. This is especially important where developers make use of open-source and other 3rd party software modules in their software supply-chains.
As a result, an increasing number of cybersecurity solutions already use AI to assist in identifying vulnerabilities and prioritizing their resolution. Similarly, with the volume of security data expanding as the number of digitally connected devices and applications continue to grow, security teams that are already thinly stretched due to the global skills shortage can leverage AI-powered automation to interpret the torrent of raw data from across their networks and determine and execute the most appropriate response to anomalous or malicious activity.
Traditional stove-piped cybersecurity solutions, point products designed to protect against specific categories of threat, often fail to stop today’s more sophisticated multi-vector attacks. Consequently, solutions that make use of AI to help correlate indicators of compromise from multiple sources of data and integrate defensive activity across disparate security solutions are better able to deal with AI-powered attackers.
However, despite the clear and numerous advantages of AI-powered cybersecurity, there is another, more insidious problem lurking below the surface. Even if patches for known software vulnerability exploits are made available to users of those products, patches must be applied to be effective. The term “N-day vulnerability” refers to the number of days (N) since a vulnerability was disclosed and a patch was released, and many users fail to apply patches in a timely fashion—or even at all. An attacker doesn’t need to develop a novel (Zero Day) exploit when lucrative targets fail to apply existing patches to resolve known vulnerabilities. AI can help enterprises with vulnerability management, identifying vulnerabilities and even applying patches, but too few organizations currently avail themselves of such tools.
The Road Ahead
The AI genie is out of bottle and will change our world forever. To harness its power for good, optimizing autonomy and automation on the digital battlefield with strong, adaptive cybersecurity will be essential. But only through collaboration between industry, governments and other public bodies can we counter the scale and complexity of today’s AI-powered threat landscape.
Companies continue to innovate and deploy AI-enhanced solutions commercially, enabling governments to focus on the technically challenging and fast-moving national security challenges of AI-powered automation while leveraging commercial cybersecurity capabilities.
This means choosing partners with a track record of AI innovation (both generative and predictive) and who are committed to “Secure by Design”—the belief that strong security must be integral to the entire lifecycle of IT products and services from initial design to final deployment.
The author is Vivek Srivastava, Country Manager, India & SAARC at Fortinet.
Disclaimer: The views expressed are solely of the author and ETCISO does not necessarily subscribe to it. ETCISO shall not be responsible for any damage caused to any person/organization directly or indirectly.
