When most people hear about cyber-attacks, they imagine suspended monitors, ransomware demands, ransomware and DDoS attacks that disrupt connectivity for hours or even days. But some experts fear that with the advent of widespread artificial intelligence in the hands of hackers – both lone wolves and states – we may be entering an era of “cyber-physical attack.”

A few months ago, Chinese hackers broke deep into the U.S. cyber infrastructure to do serious damage. They attacked water treatment plans, the electrical grid, transportation systems and other critical infrastructure in the US.

All told, with the widespread emergence of generative artificial intelligence, concerns have grown that physical attacks will be the next phase of cybercrime.

There have even been simulations of cyberattacks in the lab that have ended in explosions. It has been possible to hack into computer-controlled pump motors and cause them to burn out. Attacks that cause temperature gauges to fail, jam pressure values and bypass circuits could also cause explosions under laboratory conditions. Such an outcome would bring much more than a temporary shutdown of the system, as is the case with a typical cyber-attack.

If a power plant is stopped by a typical cyberattack, it will come back online quickly, but if hackers cause it to explode or burn down, there will be no way to get it back online a day or two after the attack; it will take weeks and months because many parts of these specialized systems are custom-made, so downtime can be significant.

Technology, backed by artificial intelligence, can wreak havoc on physical systems. However, for such attacks to occur, three elements must be present: opportunity, opportunity, and motivation – and it is this last element that is the only thing stopping attacks.

Artificial intelligence could make it easier for someone who lacks the skills and patience to attack industrial control systems themselves. Hackers could use generative AI to create code for various controllers, and once a bad actor takes control of a controller, it can wreak havoc on industrial systems. And while industrial controls are difficult to hack, there is a real risk that artificial intelligence provides even inexperienced hackers with tools that can improve their attack.

Many industrial systems still rely heavily on legacy systems that have had poor security for many years. The advent of artificial intelligence makes it much easier to exploit these vulnerabilities. It is important to keep in mind that cyber-attacks using artificial intelligence can happen very quickly, and will be complicated to detect and mitigate.

However, we must keep in mind that the use of artificial intelligence does not only have negative consequences, but artificial intelligence also plays a key role in strengthening cyber defenses, detecting and responding to threats more effectively by analyzing vast amounts of real-time data and identifying malicious activity.

So, what should you do to protect your organization from the possible effects of cyber-attacks using AI?

Preventive measures are key here:

– regular security audits,

– penetration tests,

-verification of the functioning of technical as well as organizational solutions that have a direct impact on the security of the organization, information, data, ICT systems and devices.

These are standard methods. In addition to specific actions, the focus should be on strategy. Only a comprehensive approach to threat topics will make it possible to realistically counter threats.

It is also important to remember that in order not to be left behind, it is necessary to keep up to date with technical innovations and follow trends.

Hackers are constantly looking for new solutions, opportunities for attacks, so why shouldn’t we do the same? Because to defend ourselves effectively, it is first necessary to know the types of threats we face.

Photo: Unsplash