AI Hacking Machines Could Evade All Computer Security

Artificial-Intelligence-Heads-to-the-Enterprise.jpg

Artificial Intelligence programs are getting so sophisticated they are growing the capability to learn how to evade the best defenses computer security can put up, a team of researchers from IBM showed when they built a hacking scheme to get past top-tier stops.

The team used the intelligence technique known as machine learning to get around state-of-the-art defenses that examine what software is doing instead of analyzing software code for danger signs, the news agency Reuters reported, adding that new AI-driven programs can be trained to stay dormant until they reach a specific target, making them difficult to stop.

There’s been no reports of catching malicious software that relied on machine learning but the research showed it may be because the attack programs could be unstoppable, a nightmare scenario for computer security.

The fear is that it’s coming fast and getting easier to acquire free artificial intelligence building blocks for training programs available from Alphabet’s Google and other resources showing the idea is working, even in experiments.

“I absolutely do believe we’re going there,” Jon DiMaggio, a Senior Threat Analyst at cyber security firm Symantec Corp told the news agency. “It’s going to make it a lot harder to detect.”

The best hackers in countries intelligence services have shown they can build attack programs that activate only when they have reached a target, such as Stuxnet, used by US and Israeli spy services against a uranium enrichment facility in Iran.

The IBM effort, named DeepLocker, showed that kind of precision can be available to those with far fewer resources than a national government. In a demonstration using publicly available photos of a sample target, the team used a hacked version of videoconferencing software that activated only when sensing a specific target.

“We have a lot of reason to believe this is the next big thing,” lead IBM researcher Marc Ph. Stoecklin said. “This may have happened already, and we will see it two or three years from now.”

At a New York conference, Hackers on Planet Earth defense researcher Kevin Hodges showed off an “entry-level” automated program he made with open-source training tools that tried multiple attack approaches in succession.

“We need to start looking at this stuff now,” said Hodges. “Whoever you personally consider evil is already working on this.”

Previous
Previous

US Probes Microsoft for Bribery in Hungary: Workers Fired

Next
Next

Baltic Bank Scandals Show EU Can’t Contain Money Laundering