There is no doubt that the emergence of artificial intelligence (AI) will bring a change to how things are perceived, done and how decisions are made. The emergence of new cyber threats daily as well as the change in the dynamics of previously existing threats will not only change the threat type but will also change the threat landscape. The threat landscape can be described as the total environment that cyber threats emerge from. This includes understanding who the adversaries are that want to break into our “system”, what tools are used when doing the “breaking” as well as the type of attacks. Upgard also describes threat landscape as the scope of the current risk an organisation, a user group, an industry or even a nation - faces at a particular point in time.
Artificial Intelligence despite having great positives on the society, also has lots of negatives that should not be pushed aside. The integration of AI into the banking system, healthcare, defence and all other systems in the society will grow the attack surface. For example, it will become easier to automate various cyber attacks. This automation of attacks will make attacks occur at a larger unimaginable scale, occur at a faster pace, make attacks more sophisticated and enable more robust attacks. Asides from this, It would become harder to detect AI attacks as compared to attacks perpetrated by humans. AI would come with an increase in social engineering, deepfakes, misinformation, malware attacks and manipulation tactics.
Threat types on the other hand which describes the various categories of cyber threats - will change based on the intent of humans since these threats are determined by human goals and intention. For example, data stealing which is a category of threat requires a human intent. It requires that a human has the intention or goal to steal data for it to be possible. AI will not change the “human intent” but can change the scale, the scope and sophistication of threat types. The scale/scope of a threat type such as data manipulation for example will become greater with AI and could affect more systems as compared to before the emergence of AI. Attackers could also alter the data used to train AI models which will then result in the trained system making biased decisions. AI attacks could also more easily target individuals in cases of identity theft.
More threat types will definitely emerge with AI. This is because the emergence of AI will change the way bad actors think as actors will leverage on their access to a wider coverage and scope. The intent of attackers will however still remain the same, most of which includes but is not limited to: sabotage, financial gain, identity theft and others. Threat landscape on the other hand will face the most dramatic change because AI will change who carries out threats (more people will be involved ), how the threats will be carried out (more complex tools will be used) and where the threats will be carried out (sometimes no special place or venue will be required).
This should be discussed more on a larger scale. Are you open to collaborating? We will send you a message via your contact form.
Very nice article
This is yet another good insight to the ever changing IT world. I am always looking forward to your details write up on topics that are hardly discussed this days. Thank you for sharing this once again.
Excellent