The Evolution of Cyber Attacks: From Worms to AI-Powered Threats
It has now been over three decades since the Morris Worm infected an estimated 10% of the 60,000 computers that were online in 1988. It was the personal malware project of a Harvard graduate named Robert Tappan Morris, and is now widely deemed to be the world’s first cyber-attack.
The Rise of Cyber Crime
Fast forward to today, and cyber attacks now stand among natural disasters and climate change in the World Economic Forum’s annual list of global society’s gravest threats. As businesses, schools, hospitals, and pretty much every other thread in the fabric of society have embraced the internet, cyber crime has transformed from an academic research project into a global marketplace of professional hacking services, and on the geopolitical stage, governments have turned to hyper-advanced cyber attack tools as a means of causing physical damage and disruption to their adversaries’ critical infrastructure.
The Evolution of Defenses
Over the years, hackers have consistently reinforced the old adage: ‘where there’s a will there’s a way’. Defenders have inputted new rules into their firewalls or developed new detection signatures based on attacks they have seen, and hackers have constantly reoriented their attack methodologies to evade them, leaving organisations playing catch-up and scrambling for a plan B in the face of an attack. A paradigm shift came in 2017 when the destructive ransomware ‘worms’ WannaCry and NotPetya caught the security world unaware, bypassing traditional tools like firewalls to cripple thousands of organisations across 150 countries, including a number of NHS agencies.
The Rise of AI-Powered Defenses
A critical response to the onset of increasingly sophisticated and novel attacks has been AI-powered defences, a development driven by the philosophy that information about yesterday’s attacks cannot predict tomorrow’s threats. In recent years, thousands of organisations have embraced AI to understand what is ‘normal’ for their digital environment and identify behaviour that is anomalous and potentially threatening. Many have even entrusted machine algorithms to autonomously interrupt fast-moving attacks. This active, defensive use of AI has changed the role of security teams fundamentally, freeing up humans to focus on higher-level tasks.
The Next Evolution: AI-Powered Attacks
But if attackers can find a way to scale up their attacks, they will do it. Adversaries ultimately think like enterprises: How can I make my hackers more efficient? How can we attack even more targets? How can I achieve more results with less resources? In what is the attack landscape’s next evolution, hackers are taking advantage of machine learning themselves to deploy malicious algorithms that can adapt, learn, and continuously improve in order to evade detection, signalling the next paradigm shift in the cyber security landscape: AI-powered attacks.
The Future of Cyber Security
We can expect offensive AI to be used throughout the attack life cycle – be it to use natural language processing to understand written language and to craft contextualised spear-phishing emails at scale or image classification to speed up the exfiltration of sensitive documents once an environment is compromised and the attackers are on the hunt for material they can profit from. A recent study by Forrester found that 88% of security professionals expect AI-driven attacks will become mainstream in what has already proven to be an era of hyper-change in cyber attacks, and close to half of them see this happening in the next year – it is only a matter of time.
Conclusion
In this new era of cyber security, AI will be the norm, and organisations must be prepared to adapt to this new reality. As we move forward, it is crucial that we continue to invest in AI-powered defences and develop innovative solutions to counter the evolving threat landscape. Only by doing so can we ensure the protection of our digital infrastructure and the safety of our online activities.
FAQs
- What is the future of cyber attacks?
AI-powered attacks are expected to become the norm, with hackers using machine learning to deploy malicious algorithms that can adapt, learn, and continuously improve in order to evade detection. - How will AI change the face of cyber security?
AI will change the role of security teams fundamentally, freeing up humans to focus on higher-level tasks and enabling the use of machine algorithms to autonomously interrupt fast-moving attacks. - What is the impact of AI on the attack landscape?
AI will increase the speed and efficiency of attacks, making it easier for hackers to attack more targets with less resources.
