AI for Hackers against Cybersecurity AI: Who Wins?


AI-driven penetration testing software has, for some time now, been providing cybersecurity personnel with a technical advantage over hackers. Such tools are self-learning, efficient at exposing vulnerabilities as well as easy to operate.

The bad news for cybersecurity folks, however, is that hackers also have access to the technology and are finding ways to use AI-powered cyberattacks against us.

In light of this one may expect that soon the war over the safety of important data will no longer be fought out by humans, but by artificial intelligence (AI) applications deployed by both sides. Let’s see how.

The AI Advantage for Hackers

All the tools hackers need to build next-generation cyber weapons already exist and are easily available through open-source AI frameworks and neural networks. AI provides attackers with the ability to scale, allowing them to mount as many simultaneous strikes as possible and increasing their chances of overwhelming their targets.

Combine these advantages with 24/7 availability; the ability to take on tedious, repetitive tasks with consistent accuracy and precision; and the ability to learn from past experiences and adjust. You’re looking at a truly frightening adversary.

Given these advantages, here’s what we can expect future attacks to be like.

  1. Malware will be able to analyze data from email, social media and chat channels to create profiles and behavior that mimic trusted users. These intelligent impersonators can then launch internal attacks that are so well-crafted, they can easily pass a Turing test.
  2. Spyware can bury itself in your system and lurk there indefinitely, patiently collecting data and conscientiously analyzing your activities and behavior as they build up a strong knowledge representation of your digital universe. The AI component can then plot out the best way to compromise your system.
  3. Attacks will be more relentless, overwhelming and effective. Most of these will be directed, not by humans sitting outside the targets, but by intelligent malware applications that lie in wait from within.

Cybersecurity and AI

It is unlikely that any human will be able to keep up with the power of AI-directed attacks. But if there is a positive side to this, it is that cybersec pros, too, can use AI to defend their organization. AI and machine learning apps are excellent at sifting through huge volumes of data at very high speeds and recognizing patterns that could indicate threats.

Here are some of the initiatives that could anticipate and preempt impending AI attacks, even before they can be launched.

  1. As mainstream developers become more proficient with AI concepts, they are employing machine learning to analyze software code. The ML can help them spot areas in the code that are most vulnerable to AI attacks. They can then resolve these issues even before the program is released to end-users.
  2. To successfully defend against cyberattacks, cybersecurity cannot rely solely on passive mechanisms. It must include active threat detection to detect and address possible menaces. Unfortunately, this often requires adding white-hat hackers and analysts to the roster of personnel, and this isn’t always possible nor viable. Some AI tools allow these chores to be automated. In many cases, the AI may even be more effective at identifying potential threats.
  3. AI can help to quickly identify the threat and just as quickly formulate the most appropriate response. This helps neutralize the attack in the shortest time possible to minimize the damage it can do.

AI gives hackers and cyber criminals some very intimidating tools capable of creating and initiating threats that are way beyond current cybersecurity capabilities. This should not be cause for despair, however, as the tools that make attackers more fearsome are the very same ones that can provide equally formidable cybersecurity measures.

If you want to learn more about cybersecurity check here: