Artificial intelligence tools are completely changing the way adversaries plan and perpetuate cyberattacks, and U.S. businesses and government agencies are prime targets for these new attacks. AI-based cyber threats are top concern for senior executives and risk managers, study finds. Gartner surveya leading research and consulting firm. To defend against these emerging threats, we must turn to AI-powered cyber defenses.
The current cyber defense landscape is largely based on rules created from past experiences. Think of simple “if, then” programming: if an attacker does this, we perform this action to stop them. A rules-based cyber defense works by quickly identifying attempted malicious activity, cross-referencing it to known attacks, and countering it with known defenses.
Unlike humans, generative AI can create almost infinite mutations of attacks intended to test for weaknesses and ultimately circumvent cyber defenses. These mutations can be longer, more complex and explore completely new attack vectors. Traditional rules and human analysts at the helm cannot identify these unique attacks quickly or clearly enough to mount an effective defense.
What’s worse is that malicious actors can test their AI against the same commercial cyber defense software that forms the basis of many cybersecurity systems. They deploy their AI tools in a sandbox, throwing thousands of different permutations at business software and rules to see what makes them fail. From there, they launch their most successful attacks into the real world to attempt to penetrate enterprise systems, government agencies, and critical infrastructure, all at a time and place of their choosing.
So far, the response to the changing cyber landscape has been to analyze, make more rules, add more tools, and hire more analysts to look at more data – which comes with additional costs – while the opponents continue to get away with it. The industry has adopted defense in depth, zero trustand every regulation you can think of. This makes the defensive environment even more complex, without addressing the underlying vulnerability: AI is faster and more varied than humans at certain tasks.
The solution is clear: AI-based threats must be met with AI-based defense. Our collective response to AI-driven cyberattacks cannot consist of more rules-based, human-managed cyberdefenses.
This is what an AI-based cyber defense system would look like.
First, an AI-based cyber defense must be able to test and confront an AI adversary. The offensive AI model will be able to create assaults and escapes faster than even the best highly trained professionals. In the development of Leidos, we have seen our AI models create thousands of attacks in the time it takes a highly skilled operator to conceptualize, construct, and execute one.
The deluge of test attacks created by the AI will allow the defensive AI to classify and analyze thousands of newly generated attack samples. With these never-before-seen attacks, defensive AI can create new cyber defenses – even before these threats occur in the real world. It’s not about detecting anomalies or recognizing patterns of past attacks – that’s the old way of doing things. This system would be able to identify and defend against threats that have never occurred before.
After training, AI cyber defense can be deployed as a co-pilot alongside human operators and integrated into an existing professionally configured firewall.
The resulting defender AI will give a decisive defensive advantage: the defensive system now has something that evolves over time and that an opponent cannot buy to test it against.
And this is not a theoretical discussion. Leidos has this capability deployed today on its network using real traffic.
AI has changed the game, and we must evolve with it. The only way to defend ourselves against AI deployed for nefarious purposes is to harness the benefits of AI for our own defenses.