Hackers vs. Cybersecurity
Photos by Rippon. Porsche Museum, Stuttgart, Germany

AI, Machine Learning and even Quantum Computing will play an increasing role in the ongoing “Hackers vs. Cybersecurity” conflict.

I have to admit, I am very fond of analogies and I particularly love ones related to cars and sports (not a big surprise, I’m sure, to the people who know me). Some of my favorite analogies involve the “cops vs. speeders” battle. Humans have definitively been prone to either wanting to go fast or feeling that something is going too fast. To digress for a moment, I’m reminded of part of a George Carlin bit in that, people also tend not to like it too much when someone else goes exactly the same speed, right alongside of us(?).

It was not long after the first automobiles hit the roads that speed limits and fines began to appear. Thus began the continuous battle between “cops and speeders”: those who want to speed, feel they should be able to go faster or sometimes just don’t realize they have started speeding … and those in the camp who try to control speeding and find all sorts of various ways to deter, catch and fine violations of speed limits. On the side of law enforcement, we move from simpler times in the mid-20th century, where police cars are hiding behind billboards, through to approaches such as radar, photo-radar and laser speed detection. On the side of the speeders we saw responses that always tried to either avoid or, better yet, leapfrog the approaches of their competition (the police and government). We saw the transition from CB-based communication, to ever more complex radar/laser detection units, physical stealth approaches on the vehicle and now, sophisticated social networking apps with millions of users (e.g. waze.com), which can alert other drivers to the presence of law enforcement. I wonder how soon it will be before the government or the police find ways to minimize the effectiveness of social networking apps, or use mobile apps against the “speeders” in “real-time”.

The land of cyber, security and hackers is very similar to the world of the police and the speeders. The same dynamic exists in cyberspace. While one group is looking to make things ever more safe and secure, their opposites in this dramatic cyberwar are always looking for ways to “break in”, disable or degrade. Sometimes it is done just for the challenge and to be able to say they did it. However, too often it is done for things such as impact to the target and/or monetary gain. As soon as one side of the equation gets an advantage, the other side attempts to negate it, or jump “ahead”. When one avenue of attack becomes too much trouble for the hacker community, they are very adept at switching to another method for the same target, or simply switching to a new attack vector. There has been a continuous stream of approaches, best practices and solutions that are intended to improve the security posture of an environment and mitigate the risk of attacks and compromises. The hacker community, white, grey and black hackers, have also continued to hone their skills, approaches and solutions to increase their likelihood of success. Let us take the simple example of perimeter network security with a firewall. Back in the 90s this was considered somewhat sufficient, with all the “stuff” on the internal network generally being “trusted”. The hackers turned to phishing, malicious web links and various other mechanisms, which were easily able to penetrate from the inside. Now firewalls are just one component of an organization’s overall cybersecurity.

We are now at the relatively early stage of bringing Artificial Intelligence (#AI), Machine Learning (#ML) and even #QuantumComputing to the “hackers vs. cybersecurity” arena. Both sides will be utilizing new technologies, approaches and solutions in their ongoing conflict. For example, IBM announced in 2019, “The world’s first Quantum Computing Safe Tape Drive”, to reduce concerns associated with future potential for quantum computing to quickly break today’s state-of-the-art encryption. AI and ML approaches have already begun to be utilized to increase awareness of potential security issues, improve security posture of an IT environment and analyze anomalies. Likewise, I’m quite certain that the intelligent hacker community is hard at work utilizing AI and ML to enhance their tooling and the ability to identify potential targets and promising attack vectors.

Picture, for example, a project leveraging numerous advanced techniques to analyze target environments, run simulations on potential attack vectors and various methods, estimate probability of success and even correlate with other data sets to try to determine the potential value of success and the likelihood of being discovered. Perhaps more importantly for some, would be adding in the evaluation of the probability of literally being “caught”, prosecuted and facing some form of punishment (incarceration, fines, job loss, etc.).

Another great example of a continued seesaw battle in cyberspace is the spam/phishing front. I personally hope that we quickly see more advances on the enterprise and personal email services side of things. The defenders will be using advanced technology to better detect unwanted or malicious communication and provide greater confidence for the end user in knowing that a particular email or message is “legit”. We know that the attackers are getting better and better at constructing their communication and we can certainly assume that things like AI and ML will be used by the more advanced groups to increase the success rates of attacks such as phishing.

It will certainly be interesting, at times exciting and sometimes, yes, a bit scary to see this battle evolve over time. We all know the popular books and movies where the human race is battling advanced intelligence in the machine world (e.g. Terminator series, The Matrix trilogy). This will be more along the lines of machines battling machines, led by their human “handlers” (perhaps more akin to “Battlebots”). However, let us not forget that sometimes with all this technological advancement, there could still be just a “simple hack” that ends up “doing the trick”.

Boring Disclaimer: These thoughts are my own and I am not posting as a representative of any particular company. Your mileage may vary. Objects in mirrors and binoculars may be scarier than they appear (or they might not). If this had been an actual emergency, you and I would likely be doing something more important.
