April 18, 2024

How to deal with cyber risk in the era of Artificial Intelligence

When most people hear about cyber-attacks, they imagine suspended monitors, ransomware demands, ransomware and DDoS attacks that disrupt connectivity for hours or even days. But some experts fear that with the advent of widespread artificial intelligence in the hands of hackers – both lone wolves and states – we may be entering an era of “cyber-physical attack.”

A few months ago, Chinese hackers broke deep into the U.S. cyber infrastructure to do serious damage. They attacked water treatment plans, the electrical grid, transportation systems and other critical infrastructure in the US.

All told, with the widespread emergence of generative artificial intelligence, concerns have grown that physical attacks will be the next phase of cybercrime.

There have even been simulations of cyberattacks in the lab that have ended in explosions. It has been possible to hack into computer-controlled pump motors and cause them to burn out. Attacks that cause temperature gauges to fail, jam pressure values and bypass circuits could also cause explosions under laboratory conditions. Such an outcome would bring much more than a temporary shutdown of the system, as is the case with a typical cyber-attack.

If a power plant is stopped by a typical cyberattack, it will come back online quickly, but if hackers cause it to explode or burn down, there will be no way to get it back online a day or two after the attack; it will take weeks and months because many parts of these specialized systems are custom-made, so downtime can be significant.

Technology, backed by artificial intelligence, can wreak havoc on physical systems. However, for such attacks to occur, three elements must be present: opportunity, opportunity, and motivation – and it is this last element that is the only thing stopping attacks.

Artificial intelligence could make it easier for someone who lacks the skills and patience to attack industrial control systems themselves. Hackers could use generative AI to create code for various controllers, and once a bad actor takes control of a controller, it can wreak havoc on industrial systems. And while industrial controls are difficult to hack, there is a real risk that artificial intelligence provides even inexperienced hackers with tools that can improve their attack.

Many industrial systems still rely heavily on legacy systems that have had poor security for many years. The advent of artificial intelligence makes it much easier to exploit these vulnerabilities. It is important to keep in mind that cyber-attacks using artificial intelligence can happen very quickly, and will be complicated to detect and mitigate.

However, we must keep in mind that the use of artificial intelligence does not only have negative consequences, but artificial intelligence also plays a key role in strengthening cyber defenses, detecting and responding to threats more effectively by analyzing vast amounts of real-time data and identifying malicious activity.

 

So, what should you do to protect your organization from the possible effects of cyber-attacks using AI?

Preventive measures are key here:

– regular security audits,

– penetration tests,

-verification of the functioning of technical as well as organizational solutions that have a direct impact on the security of the organization, information, data, ICT systems and devices.

These are standard methods. In addition to specific actions, the focus should be on strategy. Only a comprehensive approach to threat topics will make it possible to realistically counter threats.

It is also important to remember that in order not to be left behind, it is necessary to keep up to date with technical innovations and follow trends.

Hackers are constantly looking for new solutions, opportunities for attacks, so why shouldn’t we do the same? Because to defend ourselves effectively, it is first necessary to know the types of threats we face.

 

Photo: Unsplash

Read more:

Cybersecurity Trends 2024

As in every other field of business and technological endeavor, artificial intelligence (AI) will have a transformative impact on both attack and defense. Its impact will be felt across every one of the trends in cybersecurity in 2024.   The cyber security trends that everybody should be on high alert for as we head into […]

Happy Holidays And All The Best In 2024

We Are NaviRisk and We Wish You Happy Holidays And All The Best In 2024   We look forward to another year of collaboration and shared accomplishments. Our unique competence will also work for you in 2024.

Device Security: Best Practices for Phones

Threat actors increasingly target mobile devices to steal people’s credentials, gain access to corporate networks, or simply spy on victims’ activity. To help you maintain your device’s security, the expert recommends following these best practices: Create a strong lock-screen pin or password (at least six digits) and set your phone to lock automatically after 5 […]

CONTACT

NaviRisk Sp. z o.o.

ul. Huculska 5/6
00-730 Warsaw

+48 605 19 11 19 info@wearenavirisk.com

CONTACT FORM

Do you have any questions? Write to us!