2019 was the year of data breaches, phishing and ransomware attacks. From US real estate giant inadvertently leaking 900 million records to Danish hearing aid manufacturer Demant being a victim to a 95 million US dollars hack –cybercriminals ran rampant in the last year.
In the USA alone, there were ransomware attacks against 621 government agencies, schools and healthcare providers in the first nine months of 2019. Cybercrime also became much more sophisticated in the year. And this is a trend that will continue in 2020 and beyond.
While the classic phishing method –where a login page tricks a user into giving their information – is still very much popular, the use of Artificial Intelligence by malicious parties is an emerging threat that cannot be ignored.
This creates an interesting scenario where AI is being used for both orchestrating and preventing cybercrime. And in 2020, there will be a battle between companies and online criminals on who’s able to better utilize this technology.
Businesses Will Have to Deal With New Types of Threats
Criminals have become more innovative in their approach and businesses that are sleeping on their nefarious methods are in for a rude awakening. In particular, eCommerce stores that maintain a slew of customer data should implement procedures to stop any potential breaches. Otherwise, they’re unbearable losses. Everything from the databases of eCommerce stores to their coupon marketing structure is vulnerable to online threats. New forms of cyber crimes that are both conventional and AI-enabled are knocking on the doors of businesses.
1. Ransom Attacks on Cloud
Businesses depend on the cloud to store large bits of data. This means that if hackers find their way to the cloud console, the implications could be disastrous. Small and medium-sized enterprises could go bankrupt if hackers delete their workloads and data.
Many cloud-first companies have already paid a ransom to cybercriminals and with hacking becoming more sophisticated by the day, this threat isn’t going away any time soon.
2. Long Dwell Times
Cybercriminals have become much craftier with their attacks. They sometimes position themselves in their target’s system, moving laterally and patiently waiting for the right time to strike. By picking precise targets and attacking at the right moment, they’re able to make tremendous gains. These attacks are so lucrative that hackers can spend months planning and carrying out this activity.
3. Deepfake Technology
Last year, scammers used AI-based technology to imitate the voice of a German chief executive telling his subsidiary company to transfer $243,000 to a bank account. The criminals here used the deepfake tools, which can create audio and video.
To make matters worse. Deepfake technology is more accessible than ever before. The internet is filled with fake videos of celebrities, which are sometimes innocent but other times are used for pornographic purposes. Experts are worried that cybercriminals will use deepfakes to make fake videos of prominent business leaders to seek a ransom. Already, a deepfake of Facebook CEO Mark Zuckerberg has gone viral and there’s no telling who’s next.
4. DeepLocker Evasive Malware
DeepLocker takes a fundamentally different approach than contemporary evasive and targeted malware. It avoids detection by hiding itself in benign carrier applications like video conference software. One thing that makes DeepLocker unique is that it uses AI to make the trigger condition to unlock extremely difficult to reverse engineer. It uses a deep neural network (DNN) AI model to make sure the malicious payload only unloads when the intended target is reached.
One of the more serious aspects of the deep locker is that it outpaces humans when it comes to finding and executing attacks. Since it’s triggered AI itself instead of the developer of the original algorithm which implies that it can be triggered in locations beyond human control.
Here’s How AI Can Help
The combination of AI and cybercrime is a lethal one and requires something equally potent in response. Experts have suggested fighting fire with fire by integrated AI with existing cybersecurity functions. This has the potential of paving the way for cybersecurity operations that are equipped to deal with advanced threats.
Some of the ways in which AI can thwart cybercrime are below:
- Using predictive analysis to detect threats and malicious activities early on.
- Crafting accurate, biometric-based login techniques
- Securing conditional access and authentication
- Advancing learning and analysis through natural language processing
AI and deep learning, in particular, have the capability to detect and mitigate AI-infused malware before it can harm the system. With corporations continuing to invest millions into online security, this technology will improve further.
AI vs. AI in 2020
AI is transforming every facet of human life, mostly for the better. However, the threat of criminals using it for advanced cyber attacks is extremely real.
Using a deep learning-based approach, companies can fight malicious AI with friendlier AI. This technology is highly scalable when compared to other forms of anti-virus that remain stagnant when implemented. AI malware can change and grow constantly and the best chance against it is deep learning that can scale to millions of training samples. Deep learning technology can continuously improve its ability to detect malicious activities as the training dataset gets larger.
The landscape of cybersecurity is always somewhat unpredictable. But one thing that’s for certain is that the battle will be AI vs. AI in the year 2020.