2022 will see the emergence of adversarial AI as a threat to organizations

Published: Wednesday, 08 December 2021 09:46

Hackers are turning to artificial intelligence to enhance the effectiveness of attacks on organizations. Brooks Wallace, VP EMEA at Deep Instinct, looks ahead to 2022 and the emerging threat of ‘adversarial AI’.

In the past two years we have seen an onslaught of ransomware attacks and cyber threats targeting organizations and industries around the world, and there looks to be no sign of it slowing down. With attackers continuing to advance their skillsets, 2022 will undoubtedly bring more attacks, and ultimately, more sophisticated threats. This includes the use of adversarial AI.

AI is one of the most advanced and rapidly fast-paced technologies of today. Most of the use cases we hear about is how organizations are using machine learning (ML), a subset of AI, to defend themselves against hackers. However, AI is now being used by bad actors to target organizations in order to launch cyber attacks and spread malware.

Adversarial AI manipulates the analytic and decision-making powers of AI and ML to develop cyber attacks in ways that were previously impossible by using ML tools to attack other ML tools. It exploits weaknesses in an organization’s network to fool systems into thinking that the incoming attacks are harmless, and therefore granting free access and movement virtually undetected. The result is that malicious data sets are reclassified as benign - and vice versa - allowing cyber criminals to send malicious programs into a business environment without the ML based security solutions flagging them as dangerous. 

It is a highly sophisticated attack method, and one cyber criminals are undoubtedly already using stealthily to target organizations. Due to the complexity of the attack, once the SOC team have identified a potential issue, it is often already too late. The extra dwell time this attack gives to the threat actors, the more opportunity they have to move throughout the network, inflicting more and more damage as they go.

Adversarial AI will only increase in the years to come, and organizations mustn’t be naïve to the genuine threat this attack can have on them as a business. For too long there has been a focus on what to do once your business has been hit. Wouldn’t it be better to be able to predict and prevent attacks before they enter and inflict damage on the network?

The ability to stop a hacker before they’ve had a chance to wreak havoc is no longer a pipe dream. It can be done using Deep Learning (DL) techniques, with this highly sophisticated approach creating neural networks, which mimic the human brain. As such, it can identify more complex, high-dimensional patterns and be more resilient, unlike the traditional machine learning. This allows it to counteract adversarial AI by outpacing the attacks and resisting attempts to change the model’s labelling. 

With threats as sophisticated as adversarial AI, we need to make 2022 a year of cyber change. The only way organizations can do this is if we look toward genuinely innovative solutions that don’t simply focus on mitigation, detection, and response. We all need to level-up and not only meet but surpass the techniques being used by our cyber adversaries.