Security Think Tank: Focus on malicious use of AI in 2019

One thing predicted for 2018 that did not happen

Many security experts, including me, predicted that in 2018 we would see a continued explosion in ransomware, as we saw in 2017. And while ransomware has continued to be a significant problem, and smaller businesses especially still struggle with it, the 2018 Isaca State of cybersecurity whitepaper indicates a decrease in the percentage of respondents experiencing a ransomware attack, from 62% in 2017 to 45% in 2018 – hardly an explosion.

Part of the reason for this is that companies are better prepared to defend against and respond to ransomware attacks. The Isaca research shows that 86% of respondents have an enterprise strategy in place to reduce the odds of a ransomware attack, and 78% have a formal response to deal with ransomware. In 2017, only 53% had a formal way to deal with ransomware.

One thing that happened in 2018 that was not predicted

However, the other reason for the decline in the percentage who saw ransomware attacks is due to something unexpected that occurred in 2018 – the emergence of malware that implemented cryptomining on the victim’s system.

The rise of cryptomining malware displacing ransomware attacks makes sense, since both allow the attacker to extract money directly from the victim. In the case of cryptomining malware, the victim’s systems’ CPU or GPU cycles are used to mine cryptocurrency on behalf of the attacker.

One advantage to cryptomining malware is that the victim may not notice that the system has been infected for a very long time. Another advantage is that all victim systems provide a monetary return to the attacker; the disadvantage is that the amount earned per system is likely to be less than $100 per year, so many systems must be infected for the attacker to extract large amounts of money.

On the other hand, a successful ransomware attack can extract more money in a shorter time. However, not all victims pay and, of course, since the ransomware has to notify the victim to pay the ransom, it is detected quickly.

One thing that should happen in 2019, but probably will not

In 2018, many artificial intelligence (AI) experts, along with the University of Cambridge and University of Oxford, collaborated on an important paper entitled The malicious use of artificial intelligence: forecasting, prevention and mitigation. Outlining potential dangers for AI and its malicious use, the paper calls for policy makers and technical researchers to collaborate closely to investigate, prevent and mitigate potential malicious misuse of AI.

Given the speed with which AI is progressing, this action should occur in 2019, but probably will not, due to the difficulties of getting policy makers and technical researchers to engage in such a fashion. Such a delay will increase the risk of AI being successfully misused for malicious purposes.