DB Results Thailand Logo white
  • What We Do
    • Our Digital Services
      • Advisory and Technology Services
      • Application Development Services
      • Application Management Services
      • Digital Business and Transformation Services
      • Data Management Services
      • Cloud Services
      • Cybersecurity Advisory Services
    • Our Digital Products
      • OutSystems – Rapid Development Platform for Mobile and Web Applications
      • AgileBlue Advanced Cybersecurity
      • MiOK
      • Wellness+
      • Self Service Portal
    • Technology Simplified
  • Who We Are
    • Who We Are
    • Our People
    • Careers
      • Working At DB
      • Jobs at DB Results Thailand
    • Our Partners
  • Celebrating Success
  • In Action
    • In Action
    • Media / News
    • DB Thinking
    • Corporate Social Responsibility
  • Global
  • Contact Us
DB Results Thailand Logo white
  • What We Do
    • Our Digital Services
      • Advisory and Technology Services
      • Application Development Services
      • Application Management Services
      • Digital Business and Transformation Services
      • Data Management Services
      • Cloud Services
      • Cybersecurity Advisory Services
    • Our Digital Products
      • OutSystems – Rapid Development Platform for Mobile and Web Applications
      • AgileBlue Advanced Cybersecurity
      • MiOK
      • Wellness+
      • Self Service Portal
    • Technology Simplified
  • Who We Are
    • Who We Are
    • Our People
    • Careers
      • Working At DB
      • Jobs at DB Results Thailand
    • Our Partners
  • Celebrating Success
  • In Action
    • In Action
    • Media / News
    • DB Thinking
    • Corporate Social Responsibility
  • Global
  • Contact Us
DB Results Thailand
  • What We Do
    • Our Digital Services
      • Advisory and Technology Services
      • Application Development Services
      • Application Management Services
      • Digital Business and Transformation Services
      • Data Management Services
      • Cloud Services
      • Cybersecurity Advisory Services
    • Our Digital Products
      • OutSystems – Rapid Development Platform for Mobile and Web Applications
      • AgileBlue Advanced Cybersecurity
      • MiOK
      • Wellness+
      • Self Service Portal
    • Technology Simplified
  • Who We Are
    • Who We Are
    • Our People
    • Careers
      • Working At DB
      • Jobs at DB Results Thailand
    • Our Partners
  • Celebrating Success
  • In Action
    • In Action
    • Media / News
    • DB Thinking
    • Corporate Social Responsibility
  • Global
  • Contact Us

Intelligence, learning and the botnet

Loading...
Executive Consultant & Head of Health

Rallas Buttriss

Executive Consultant & Head of Health

Published

  • February 13, 2018

Share This

The increasing sophistication of Artificial Intelligence and Machine Learning, coupled with the rapid adoption of Internet of Things devices, paves the way for a massive cybersecurity event.

There are two principal groups which each hold a pervasive belief concerning the advancement of artificial intelligence. One group believes that the rise and improvement in AI will create a corresponding positive change in the human condition; the other that the logical extension of AI will result in humanity’s demise. There are many arguments that can be made to support the position of both groups.

However, I believe we are a reasonable way away from the time that either group’s position will have to be tested.

Both groups state that their position is dependent upon the development of general or strong AI. At the present time, the current developments for AI are in the far more restrictive narrow, or weak, AI realm.

Narrow AI is the only form of AI that has been acknowledged as achieved by humanity so far. It is an AI that is very good at one specific domain of activity, be that domain the ancient game of Go, or the specific (multiple narrow domains) of driving a car. Narrow AI is making great strides within these domains by coupling machine learning capabilities to the sense-evaluate-action paradigm. We are still some way away from the general or strong AI that would allow a machine to simulate the reasoning and ‘thinking’ activities of human. Well, I think we are: Lt. Commander Data may be hiding in a lab somewhere?!

However, even with the achievement of a strong general AI expected to be some time into the future, I do think that the existence of a narrow AI poses some very serious challenges right now.

These challenges are not of the “...terminator, I must crush humanity...” type, but they may still be problematic for numerous governments and corporations around the world.

Recently Intel, AMD and ARM all reacted to the publication of the details surrounding a pair of chipset vulnerabilities that were code-named Meltdown and Spectre. Meltdown affects Intel and ARM processors, while Spectre exists across the three manufacturers. While not all chipsets were equally affected, there is a pretty good chance that almost all of the computing devices that you usually come in contact with will be compromisable.

Now, neither Meltdown nor Spectre are simple vulnerabilities to exploit. They require some fairly explicit knowledge of the memory mapping of executing software payloads that are within the user’s address space, and need to be configured with additional device reflection to allow the leaked data to be harvested by the attacker. All of this takes time and patience to execute. Unfortunately, time and patience are two qualities that members of the black hat hacker community have demonstrated many times that they possess.

I have said many times in the past that computers have allowed humans to make mistakes faster than any time in the past, except for handguns and tequila. Now that we have the ability for narrow AI to be deployed on a consumer grade server, we have the growing capacity for a hacking community to create a machine learning enabled, crypto capable, self-referencing hacking tool. Simply feed the AI with the Meltdown and Spectre heuristics, load as many software programs that mimic your target government or corporation server as you can, unleash the pattern recognition and sense-probe-action feedback loop and then actively trim execution pathways that do not end in a successful hack.

Having birthed this monster and provided it with the primary education, then unleash it on the unsuspecting commercial or government entity. It may sit inside the corporate cyberspace for a long time, watching, learning, refining and waiting. Then when conditions are right (as defined by the hacking community) it begins active monitoring and sending back rich data payloads to the aggregation server.

This may all be a fantasy. Then again, maybe it’s not.

Intel, AMD and ARM are all working to issue fixes for the affected processors that extend all the way to models released from 1996 onwards. The browser manufacturers are actively promoting fixes for their products that stem what Spectre can do. Nobody is taking this threat lying down. Certainly not the chip designers, or the manufacturers or the large software organisations.

Since the release of the information on the two vulnerabilities, antivirus and vulnerability monitoring companies have reported 20 odd variants of the exploits being encountered in the wild – all using the same basic encoding that the example provided.

You can be sure that the hacking community is also not asleep at the wheel.

So finally, what has this all to do with IIoT and a botnet? Well simply answer this – who is going to patch every router, switch, webcam, hub, smart home assistant, smartphone, Wi-Fi enabled vehicle GPS, laptop, personal home desktop, small business e-commerce server, intelligent PABX/conference phone, projector/smart board and the 20 billion other devices expected to be in operation by 2020? I know, I know. Not all of them will be vulnerable – but enough will remain so that the first really successful hack using AI and machine learning will be devastating.

Hopefully, I will be more interested in tequila by then.

You may also like
Loading...

LCAP what’s the hype?

Low Code Application Platforms and the future of business agility.   Gartner Hype Curve for Cloud Platform Services, 2022 The recent (July 2022) Gartner Hype...

Continue Reading

September 14, 2022

Speed-to-Team: How traditional recruitment doesn’t work anymore

The need to be fast, agile, and ahead of the curve servicing customers is a business imperative, not just a nice idea. This tipping point...

Continue Reading

July 22, 2022
Youtube Twitter Linkedin-in

Let’s talk!

Youtube Twitter Linkedin-in
Contact us

© 2023 DB Results. All rights reserved.

  • Privacy Policy
  • Terms
  • Locations
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
Powered by CookieYes Logo