Wooden Spoon: Blog

Cybersecurity and AI - How AI is Changing the Landscape of Security

Cybersecurity and AI – How AI is Changing the Landscape of Security

Artificial intelligence is here, and it’s not going anywhere anytime soon. While there are many discussions about using AI in creative areas such as art and writing, other industries have already begun incorporating AI into their daily lives. You can find AI in search engines, for example, and in other pieces of software. AI has also found a home in cybersecurity and, unfortunately, cyberterrorism.

AI has made cyberterrorism easier, which means security experts have had to quickly find ways to counter these new methods of attack. Many of these solutions have pitted AI against AI by using artificial intelligence to defend against attacks from automated software. This, of course, has changed how people react to different cyberattacks. Let’s take a look at how AI has changed the landscape of cybersecurity and how businesses need to prepare and educate their employees on these new threats.


AI Boosts Threat Detection by Detecting Suspicious Activity

Detecting threats is the first step to dealing with them. While you may have built up a powerful defensive network around your data, it’s still possible for you to get hacked. In fact, many experts like to take an “when, not if” approach to cyberattacks, i.e., it’s not a question of if you’ll be attacked, it’s when. Even very small businesses are targeted by hackers. Sometimes, they’re even more of a target because cyberterrorists assume they will not have strong defenses.

Some attacks are fairly easy to detect. For example, brute force attacks that start generating potential passwords are very noticeable. When an account tries hundreds of incorrect passwords every minute, you know something’s wrong. It doesn’t take a cybersecurity expert or advanced AI to recognize that humans don’t do that.

Unfortunately, there are other, more subtle ways hackers can get into your system. Maybe they already have. If someone managed to get an employee’s password, they could already be poking around in your data. How can you tell that the account has been compromised? Network analysis tools can monitor user activity and compare it to a database of specific actions. For example, if a low-level employee suddenly starts trying to access sensitive customer data that they don’t have permission to view, it raises a red flag. One time may have been an accident, but if the account tries to access the data multiple times, the monitoring program will flag it or lock out the account.

This is one area where AI can improve on what we already have. Monitoring tools compare actions to a set of red flags, but AI can build that set in real-time. It can see what specific accounts do and take it all into consideration. Maybe a hacked account tried to access a few minor areas that wouldn’t necessarily raise warning flags to a standard tool, but an AI can watch that account’s activity and adapt to these new actions and patterns. It would flag the account as a threat after seeing activities that are unusual but maybe aren’t immediately suspicious.

man giving a fist bump to an AI controlled robotic fist

Combat AI Hackers with AI Security

You’ve probably seen movies where a hacker is typing furiously at a keyboard. Lines of code flash by on the screen, and then the hacker says something like “I’m in.” While this is obviously exaggerated for Hollywood, old-school hacks did often involve a nefarious villain in a dark room with multiple monitors all around them. Today, that person has been replaced by an AI. The AI can analyze your security, determine vulnerabilities, and adapt as it hacks. In many cases, this is more dangerous than a person trying to hack you.

Fortunately, AI defenses can block these AI hackers. Traditionally, when a hacker discovers a vulnerability in a piece of code, that vulnerability can be exploited until it’s patched. While some vulnerabilities are patched within a few days, others go undetected for months. Someone could be in and out of your system every day without you knowing. AI, however, can learn. It can detect these types of intrusions and react. The AI may even be able to temporarily patch the exploit using generated code or by locking down specific ports or other channels. If nothing else, it at least identifies the weakness and reports it to human programmers to fix.


AI Helps Employees with Security and Threat Recognition

While AI can be a great tool for monitoring your system, it can also be used to test your defenses. You can direct an AI to act as a hacker. It will check your defenses, look for vulnerabilities, and even try to trick employees into giving it access. Using AI in this way allows you to proactively find where your defenses are weak and boost them before they’re attacked, a major advantage considering cybersecurity is often a reactive industry.

Of course, AI is a two-edged sword here, too. Yes, AI can be used to analyze incoming emails for phishing scams or block phone calls from numbers that have been reported as unsafe, but it can also be used to create these threats. AI can scan legitimate emails from a company and use them to generate fake ones that look incredibly real. It can be very easy for employees to fall for these scams unless they’ve been trained on how to detect phishing scams. Even with AI flagging such emails with alerts, it still comes down to the employee and whether or not they heed that warning.

AI can help train your employees by generating fake emails for them to study. It can even send fake phishing emails to randomly selected employees to test them. AI can flag suspicious messages, files, and text messages, too, in order to help protect employees. As it learns, these AI will get better and better at filtering out spam and scams while allowing legit information through.

A man's head next to the representation of an AI head

Will AI Ever Fully Replace Cybersecurity Experts?

With everything that AI can do, does that mean it will eventually replace people? There’s certainly a lot of fear over AI replacing artists and others, but will it ever happen? With AI as it is now, it’s not likely. AI is very good at copying things and using what’s available, but it can’t truly create anything unique yet.

What this means for cybersecurity is that AI can watch what users do and build a profile from it, but it can’t make that intuitive leap that a human can. It may be able to anticipate what someone would do based off of their past actions, but humans aren’t always logical. We’re creative and random. Sometimes we do something completely different just because the mood strikes. These types of impulses often throw AI off. Without human-like judgment, the AI won’t always be able to defeat human hackers.

AI has other limitations, too, that will always hold it back from overtaking humans. While it can generate code, it can’t make something totally new. If you’re in need of a custom piece of code to patch a vulnerability or add additional layers of protection, AI will fall short. It can’t create custom solutions. The same is true for AI in creative areas. It can’t create new art that has no basis on other pieces or write a novel that doesn’t draw on previous books.

AI always has to have data, and it truly needs a large amount of data to be effective. If you don’t have a lot of data to feed your security AI, it’s going to be fairly basic. It won’t be able to fend off advanced attacks until it has data from previous hacks. Even then, if it’s low-quality data, the AI may make incorrect assumptions and still fail to defend you.

Another issue can best be described as “who watches the watcher?” or, put another way, what’s keeping your AI security system secure? Hackers may shift gears and assault your AI directly. At the end of the day, an AI security system is still a type of software and can be hacked or disrupted. If your security AI is vulnerable, hackers can take it out or redirect it away from their activities.


Wooden Spoon Understands AI and What it Brings to the Table

Here at Wooden Spoon, we are constantly learning about new advances in technology and how they affects efficiency and data protection. This includes learning how AI will affect cybersecurity and your data. Whether you plan on using AI or not, you still need to be aware of how it’s potentially being used against you. Being prepared for potential AI hacks will help you build defenses against such attacks or quickly respond to them when they occur.

What we think of as AI today is only the beginning. Will we ever get to the point where we have sentient androids like we see in science fiction? Who knows, but what we do know is that we can’t pretend AI isn’t being used in both positive and negative ways today. Understanding AI and what it means for your business has to be a part of your cybersecurity plans.

Wooden Spoon can help you create response plans to attacks, boost your cybersecurity where necessary, and much more. Reach out today to learn more about what we can do for you.


Zach Mesel

Zach Mesel

Technology is in Zach’s blood. Zach spent much of his youth in his father’s cardiac research labs, either as a test subject for his father’s research, or playing games with his older brother on mainframe computers. Zach earned his BS in Management Information Systems in 1988 from the University of Arizona, and then worked for IBM in Boulder, Colorado, and Palo Alto, California until 1995. He started Wooden Spoon in 2002.