ScaleUp AI 2022: Hackers Using AI to Penetrate Defenses

The future of cybersecurity is AI – both for defenders and attackers, according to SentinelOne’s Nicholas Warner.

During a keynote at ScaleUp: AI, the COO suggested that AI is both a savior and a thorn in the side of cybersecurity, with cyberattacks becoming a geopolitical and personal problem as well a corporate one.

“We live in a connected world and that has meant an enormous opportunity for adversaries,” he said.

Warner told attendees that to further increase attacks, hostile actors are leveraging AI and ML in several ways, including deploying deceptive deepfakes, penetrating test apps to find vulnerabilities and even deciding what or whom to target.

“It’s become asymmetric,” he suggested, adding that they’re using AI to “laterally spread” their attacks so to “punch far beyond their weight.”

Warner also pointed to the rise of cryptocurrencies as being a leading reason for increases in cyberattacks.

“Ransomware attacks wouldn’t exist if there wasn’t some kind of untraceable currency they couldn’t demand,” he said, suggesting that malicious attack numbers have risen at a similar pace to the use of mainstream cryptocurrencies like Bitcoin and Ethereum.

And one other issue he highlighted was the tech designed to prevent attacks. He described legacy technologies like personal software from vendors such as MacAfee as “a lighthouse that’s never quite current, showing you the attacks of tomorrow and not today.”

He turned to cloud-based monitoring, where humans continuously supervise both virtual and physical servers for threats and vulnerabilities, saying it works well, but that 99% of the industry cannot afford the staff or capacity to monitor systems in such a manner.

Warner instead touted the need for what he called ‘autonomous cybersecurity’ — where AI and ML tools are embedded to monitor behavioral changes in systems. “Having machine-speed decision-making is changing the game,” he said.

The SentinelOne COO proudly told attendees that prolific attacks like banking trojan TrickBot or spam mail trojan Emotet had “no impact [on] AI systems.”

And turning to the ongoing war in Ukraine, Warner said his team found two Russian-originating Wiper Attacks, which destroy systems and typically do not ask for ransoms. He revealed the cyberattacks were targeting satellite internet modems in both Ukraine and Germany.

To combat threats, Warner called for fighting fire with fire – “we need to leverage the same type of technology in response.”

“The future of cybersecurity is AI – not just from defenders by attackers. The question remains, whose AI will win − that situation will play out” in the near future.

This article first appeared in IoT World Today’s sister publication AI Business.