Support 110 years of independent journalism.

  1. Spotlight on Policy
9 December 2020

How AI changed cyber security

Artificial intelligence has enabled new ways to attack systems, but also to defend them.

By Laurie Clarke

Cyber attacks are predicted to cost the world $10.5trn each year by 2025. It’s a trend that has accelerated during the Covid-19 pandemic. At the height of the crisis, Kaspersky reported soaring remote desktop protocol attacks on home workers, while IT security company Barracuda Networks found that Covid-related email scams leapt by as much as 667 per cent.

Read more: Prospering from a pandemic: How cyber criminals and nation-state actors are exploiting Covid-19

“Artificial Intelligence is playing an increasingly significant role in cyber security,” says Kevin Curran, a researcher at Ulster University. According to a study last year by Capgemini, a consulting and services group, 61 per cent of firms say they cannot detect breach attempts without using AI tools.

AI has a range of applications in cyber security, including network security, fraud detection, malware detection, and user or machine behavioural analysis. Its most popular application is in network security, where “the huge dimensionality and heterogeneous nature of network data” as well as the “dynamic nature of threats”, make it extremely useful, Curran says. “AI can use statistics, artificial intelligence, and pattern recognition to discover previously unknown, valid patterns and relationships in large data sets, which are useful for finding attacks.”

AI and machine learning systems can scan an organisation’s information systems to preemptively discover vulnerabilities. These AI networkmonitoring tools can detect and fix more irregularities than humanly possible by processing all of an organisation’s relevant data to create a picture of the “baseline” threat level. Any significant deviation from this baseline will result in the model flagging the activity as suspicious.

Select and enter your email address Your weekly guide to the best writing on ideas, politics, books and culture every Saturday. The best way to sign up for The Saturday Read is via The New Statesman's quick and essential guide to the news and politics of the day. The best way to sign up for Morning Call is via
  • Administration / Office
  • Arts and Culture
  • Board Member
  • Business / Corporate Services
  • Client / Customer Services
  • Communications
  • Construction, Works, Engineering
  • Education, Curriculum and Teaching
  • Environment, Conservation and NRM
  • Facility / Grounds Management and Maintenance
  • Finance Management
  • Health - Medical and Nursing Management
  • HR, Training and Organisational Development
  • Information and Communications Technology
  • Information Services, Statistics, Records, Archives
  • Infrastructure Management - Transport, Utilities
  • Legal Officers and Practitioners
  • Librarians and Library Management
  • Management
  • Marketing
  • OH&S, Risk Management
  • Operations Management
  • Planning, Policy, Strategy
  • Printing, Design, Publishing, Web
  • Projects, Programs and Advisors
  • Property, Assets and Fleet Management
  • Public Relations and Media
  • Purchasing and Procurement
  • Quality Management
  • Science and Technical Research and Development
  • Security and Law Enforcement
  • Service Delivery
  • Sport and Recreation
  • Travel, Accommodation, Tourism
  • Wellbeing, Community / Social Services
Visit our privacy Policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications.

As such, AI can be important for reducing “zero-day” attacks – where hackers take advantage of vulnerabilities in the software before developers can fix it. Curran says this market is “flourishing”.

But AI can also be wielded by malicious actors for large-scale attacks. Malware is increasingly automated by cyber criminals. Conventional cyber security systems flag malware attacks by identifying malicious code, but because attackers often tweak the code, it is difficult for traditional security software to spot it. AI systems can check the code against a vast database, and so they are much more adept at designating it as potentially malicious, even when the malware is incorporated into benign code.

Read more: How AI could kill off democracy

“Building static defense systems for discovered attacks is not enough to protect users,” says Curran. “More sophisticated AI techniques are now needed to discover the embedded and lurking cyber intrusions and cyber intrusion techniques”. But security professionals are quick to caution against AI evangelism. Humans will still be integral to security for the foreseeable future – necessary to fine tune AI models and see if they are working correctly. If not, organisations can be lulled into a false sense of security. And this could lead to far more devastating attacks.

This article originally appeared in a Spotlight report on cyber security. You can download the full edition here.

Content from our partners
What you need to know about private markets
Work isn't working: how to boost the nation's health and happiness
The dementia crisis: a call for action