The increasing sophistication of Artificial Intelligence and Machine Learning, coupled with the rapid adoption of Internet of Things devices, paves the way for a massive cybersecurity event.
There are two principal groups which each hold a pervasive belief concerning the advancement of artificial intelligence. One group believes that the rise and improvement in AI will create a corresponding positive change in the human condition; the other that the logical extension of AI will result in humanity’s demise. There are many arguments that can be made to support the position of both groups.
However, I believe we are a reasonable way away from the time that either group’s position will have to be tested.
Both groups state that their position is dependent upon the development of general or strong AI. At present, AI development sits in the far more restrictive narrow, or weak, AI realm.
Narrow AI is the only form of AI that has been acknowledged as achieved by humanity so far. It is an AI that is very good at one specific domain of activity, be that the ancient game of Go or the multiple narrow domains involved in driving a car. Narrow AI is making great strides within these domains by coupling machine learning capabilities to the sense-evaluate-action paradigm. We are still some way away from the general or strong AI that would allow a machine to simulate the reasoning and ‘thinking’ activities of a human. Well, I think we are: Lt. Commander Data may be hiding in a lab somewhere?!
However, even with the achievement of a strong general AI expected to be some time into the future, I do think that the existence of a narrow AI poses some very serious challenges right now.
These challenges are not of the “...terminator, I must crush humanity...” type, but they may still be problematic for numerous governments and corporations around the world.
Recently Intel, AMD and ARM all reacted to the publication of the details surrounding a pair of chipset vulnerabilities that were code-named Meltdown and Spectre. Meltdown affects Intel and ARM processors, while Spectre exists across the three manufacturers. While not all chipsets were equally affected, there is a pretty good chance that almost all of the computing devices that you usually come in contact with will be compromisable.
Now, neither Meltdown nor Spectre is a simple vulnerability to exploit. They require some fairly explicit knowledge of the memory mapping of executing software payloads that are within the user’s address space, and need to be configured with additional device reflection to allow the leaked data to be harvested by the attacker. All of this takes time and patience to execute. Unfortunately, time and patience are two qualities that members of the black hat hacker community have demonstrated many times that they possess.
I have said many times in the past that computers have allowed humans to make mistakes faster than at any time in the past, except for handguns and tequila. Now that narrow AI can be deployed on a consumer-grade server, we have the growing capacity for a hacking community to create a machine learning enabled, crypto capable, self-referencing hacking tool. Simply feed the AI with the Meltdown and Spectre heuristics, load as many software programs that mimic your target government or corporation server as you can, unleash the pattern recognition and sense-probe-action feedback loop and then actively trim execution pathways that do not end in a successful hack.
Having birthed this monster and given it its primary education, its creators then unleash it on an unsuspecting commercial or government entity. It may sit inside the corporate cyberspace for a long time, watching, learning, refining and waiting. Then, when conditions are right (as defined by the hacking community), it begins active monitoring and sending back rich data payloads to the aggregation server.
This may all be a fantasy. Then again, maybe it’s not.
Intel, AMD and ARM are all working to issue fixes for the affected processors, which extend all the way back to models released from 1996 onwards. The browser manufacturers are actively promoting fixes for their products that stem what Spectre can do. Nobody is taking this threat lying down. Certainly not the chip designers, the manufacturers or the large software organisations.
Since the release of the information on the two vulnerabilities, antivirus and vulnerability monitoring companies have reported 20-odd variants of the exploits being encountered in the wild – all using the same basic encoding as the example provided.
You can be sure that the hacking community is also not asleep at the wheel.
So finally, what has all this to do with IIoT and a botnet? Well, simply answer this: who is going to patch every router, switch, webcam, hub, smart home assistant, smartphone, Wi-Fi enabled vehicle GPS, laptop, personal home desktop, small business e-commerce server, intelligent PABX/conference phone, projector/smart board and the 20 billion other devices expected to be in operation by 2020? I know, I know. Not all of them will be vulnerable – but enough will remain so that the first really successful hack using AI and machine learning will be devastating.
Hopefully, I will be more interested in tequila by then.