By Kyle Wiggers
“Offensive AI” will enable cybercriminals to direct attacks against enterprises while flying under the radar of conventional, rules-based detection tools. That’s according to a new survey published by MIT Technology Review Insights and Darktrace, which found that more than half of business leaders believe security strategies based on human-led responses are failing.
The MIT and Darktrace report surveyed more than 300 C-level executives, directors, and managers worldwide to understand how they perceive the cyberthreats they’re up against. A high percentage of respondents (55%) said traditional security solutions can’t anticipate new AI-driven attacks, while 96% said they’re adopting “defensive AI” to remedy this. Here, “defensive AI” refers to self-learning algorithms that understand normal user, device, and system patterns in an organization and detect unusual activity without relying on historical data.
Sixty-eight percent of the executives surveyed expressed concern about attacks employing AI for impersonation and phishing, while a smaller majority said they’re worried about more effective ransomware (57%), misinformation and the undermining of data integrity (56%), and the disruption of remote workers by targeting home networks (53%). Of the respondents, 43% underlined the damaging potential of deepfakes, or media that takes a person in an existing image, audio recording, or video and replaces them with someone else’s likeness using AI.
As the report’s coauthors write, when offensive AI is thrown into the mix, “fake email” could become nearly indistinguishable from trusted contact messages. And with employees working remotely during the pandemic — without the security protocols of the office — organizations have seen successful phishing attempts skyrocket. Google registered over 2 million phishing websites since the start of 2020, when the pandemic began — a 19.91% increase compared with 2019.
Businesses are increasingly placing their faith in defensive AI to combat the growing cyberthreats. Known as an autonomous response, defensive AI can interrupt in-progress attacks without affecting day-to-day business. For example, given a strain of ransomware an enterprise hasn’t encountered in the past, defensive AI can identify the novel and abnormal patterns of behavior and stop the ransomware even if it isn’t associated with publicly known compromise indicators (e.g., blacklisted command-and-control domains or malware file hashes).
According to the survey, 44% of executives are assessing AI-enabled security systems and 38% are deploying autonomous response technology. This agrees with findings from Statista. In a 2019 analysis, the firm reported that around 80% of executives in the telecommunications industry believe their organization wouldn’t be able to respond to cyberattacks without AI.
Reflecting the pace of adoption, the AI in cybersecurity market will reach $38.2 billion in value by 2026, Markets and Markets projects. That’s up from $8.8 billion in 2019, representing a compound annual growth rate of around 23.3%.
“With the onset of AI-powered attacks, organizations need to reform their strategies quickly, be prepared to defend their digital assets with AI, and regain the advantage over this new wave of sophisticated attacks,” the report’s coauthors wrote. “By automating the process of threat detection, investigation, and response, AI augments human IT security teams by stopping threats as soon as they emerge, so people have the time to focus on more strategic tasks at hand.”
