Prediction: With artificial intelligence, the next generation of attacks will be difficult to detect

According to Drake Manki, global security strategist at global network security vendor Fortinet, the rise of artificial intelligence (AI) technology has enabled cybercriminals to develop the next generation of attacks Means, such as machine-generated malware, ransomware, and “cybercrime as a service.”

AI is a double-edged sword

Manki said various types of cybercrime services, including money laundering, may amount to 500 billion U.S. dollars or 1 trillion U.S. dollars in total. He pointed out that “cybercriminals are using artificial intelligence technology to implement automated attacks, which means that the implementation of cyber security breaches will be reduced from days in 2016 to hours in 2018 and may even be shortened to seconds in the next five years or A few milliseconds. ”

Various network security vendors, including Fortinet, are also using AI to manage various types of networked devices and complex networks in the hope of automating the detection of an increasing number of unknown attack threats.

Swarmbots self-learning mechanism to botnet activity frequently

Unlike previous attempts to use botnets to code and target multiple target attacks, future hackers will try to exploit autonomous learning mechanisms (“swarmbots”) of infected devices.

Manki introduced that these infected devices will be able to communicate with each other and take action without human intervention throughout the process. Such threats are likely to show exponential growth, and large-scale systems can even attack multiple targets simultaneously.

FortiGuard Labs recorded 2.9 billion botnet communications attempts in a quarterly cycle in 2017, which shows the severity of the swarmbots.

AI flooded with malware

Manki said ransomware will increasingly target high-value targets such as key information infrastructure such as cloud service providers, healthcare facilities, and government services. After attackers have been able to exploit the AI to discover loopholes in the target system, the extortion process can be easily accomplished.

In addition, AI is able to build malware using automated vulnerability detection and sophisticated data analysis mechanisms.

FortiGuard Labs recorded 62 million malware detections in a quarterly cycle in 2017. Manki pointed out that among the malware recorded by this device, there were a total of 16,582 variants from 2,534 malware families. One in five organizations reported having discovered malware targeting mobile devices. The increasing automation of malware will make this situation even more urgent in the coming years.

Stimulate dark network “hacker technology transactions”

Manki explained that the proliferation of AI and automation tools will lead to more crime-as-a-service attacks, selling stolen security code and providing advanced services such as money laundering through the dark or underground markets. Criminals upload attack code and malware and deliver and pay through underground markets. Even to shorten the cycle, criminals will rewrite the more use of machine learning technology code to circumvent the monitoring of safety equipment, increasing the difficulty of tracking work.

Manki said criminals could create fake websites to entice users to gain access to their devices, use them as mining devices for cryptocurrencies, or attack cryptocurrency trading platforms, causing currency prices to fluctuate or even fall.

As Thailand is transforming into a major digital economy and driving this change through a number of initiatives, including national e-payments and e-government services, cybersecurity will naturally become a core component of these services during this stage.

Manki concluded that the national cybersecurity agencies and various business organizations need to integrate security technologies to facilitate sharing of real-time information about threats and intelligence about viable threats while using mechanisms such as automated response, intelligence, and autonomous learning to enable the network itself Make more effective and proactive decisions.

Reference: Fortinet