Machine learning and artificial intelligence (AI) are key components of many threat detection and response platforms. The ability to continuously learn and automatically adapt to changing cyber threats is advantageous for security teams.
Yet, some ethical hackers are also using machine learning and AI to evade security safeguards, uncover new vulnerabilities, scale up their cyberattacks at an unprecedented rate, and with disastrous results. The top 9 ways that ethical hackers will employ machine learning in their attacks are listed below.
Spam
Defenders have been using machine learning to detect spam for decades. If the spam filter the attacker is using generates a score or provides explanations for why an email message was rejected, the attacker may change their behavior. They would be enhancing the efficiency of their attacks with legal technology.
Enhancing Phishing Emails
Machine learning will be used by ethical hackers to craft phishing emails that are intended to stimulate interaction and clicks yet do not show up in bulk email lists. They do more than just read the email’s text. Images, social media profiles, and other content can be produced by AI to offer communication the highest possible credibility.
Superior Password
Criminals are also using machine learning to hone their password-guessing abilities. Additionally, they employ machine learning to identify security measures so they can guess better passwords with fewer tries, raising the probability that they will be successful in accessing a system.
Deepfakes
The creation of deep fake technologies that may generate audio or video that is impossible to distinguish from actual human speech is the most concerning application of artificial intelligence. Fraudsters are now using AI to construct realistic-looking user profiles, images, and phishing emails to make their messages appear more legitimate. This industry is enormous.
Countering Commercial Security Tools
Currently, artificial intelligence or machine learning are present in many commonly used security technologies. For instance, anti-virus technologies are looking for suspicious activity more and more often now than just the basic indicators. Instead of using the virus to defend against attacks, attackers may modify it using these methods to escape detection.
Reconnaissance
Attackers can use machine learning for reconnaissance to look at their target’s traffic patterns, defenses, and potential vulnerabilities. Given how challenging it would be, it is unlikely that the usual cybercriminal would engage in such activity. Yet, if the technology is ever advertised and provided as a service by the criminal underworld, it may become more widely accessible.
Independent Agents
If a company discovers that it is being attacked and turns off internet connectivity for affected machines, malware may not be able to link back to its command-and-control servers for instructions.
AI Toxicology
An attacker can trick a machine learning model by feeding it new data. A hijacked user account, for instance, might sign into a system every day at 2 a.m. to do minor chores, trick the system into believing that working at that hour is usual, and minimize the amount of security checks the user must undergo.
AI snooping
Reputable software engineers and penetration testers use fuzzing tools to generate random sample inputs to crash a program or find a vulnerability. The most advanced versions of this software use machine learning to generate inputs that are more focused and sorted, prioritizing inputs like text strings that are most likely to cause problems. Because of this, fuzzing technologies are more deadly in the hands of attackers as well as more useful for enterprises.
