Artificial Intelligence is no longer a prerogative for cyber defense, as hackers can exploit its potential to unleash targeted attacks. Thierry Berthier, academic and researcher at the Cybersecurity & Cyber-defense Chair of Saint-Cyr, briefs us on the current state of play.
Artificial Intelligence has already been used in cybersecurity for some years, both to secure systems and in the creation of intelligent defenses capable of adapting to threats. The AI allows us to supervise the networks without having to exploit a database of known threats or vulnerabilities.
“Artificial Intelligence learns about the normal functioning of the network by harvesting millions of basic events, to then define a dozen security warnings corresponding to serious threats», Thierry Berthier explains. A similar system could be capable of detecting and blocking data exfiltration attempts such as those behind Wikileaks.
The downsides
“Recently, hackers have started using AI to their advantage by industrializing the attacks and evading defenses,” Thierry Berthier points out. To do so, they include malwares in the statistical learning units, making the malicious entity intelligent and capable of deciding the right time to launch an attack. “The attribution of these threats during the retro-analysis phase is even more complex, since the AI is able to cover its tracks». Such an intelligent and dangerous threat necessarily leads cyber-defense techniques to adapt.
