MapleSEC webinar: AI can be used by defenders, and threat actors

Share post:

There’s no doubt threat actors are either using or will soon use artificial intelligence to build malware and craft their attacks, says an expert.

“Bad guys almost certainly are going to use AI,” Dave Masson, Ottawa-based director of enterprise security at Darktrace told this week’s IT World Canada MapleSec Satellite webinar.

“Why? The same reasons we use AI: It’s going to do the heavy work for them. Likewise, if they can take the human being out of it [their work] and have the attack driven by AI, it’s less likely to make a mistake.

“In fact it’s going to be more efficient. It’s going to allow them to carry out more attacks at a greater scale than before.”

That means, he added, if adversaries are going to use AI to attack, CISOs have to find AI-driven solutions to defend themselves. “You can’t get into an AI fight,” Masson said, “You’re not going to win.”

Asked by session host Jim Love, ITWC’s CIO, if ChatGPT is a bigger threat than AI, Masson called it “a harbinger of things to come. It can write text they can use. If you’re an attacker where English isn’t your first language, you can kiss goodbye to all those silly grammar mistakes you make that allow your phishing emails to be intercepted.”

On the other hand, Masson added, it may be possible for an AI solution to detect if the text of an email message was been generated by a human or not.

Related content: Does AI in IT operations pay off?

Artificial intelligence solutions can be used in many scenarios, he said, from discovering assets on IT networks to reacting faster than humans to quickly spreading malware.

An AI solution may be able “heal” your environment by getting it back to the condition it was in before an incident, Masson added.

Not that AI is perfect, he stressed. “It’s got to work on the data it has,” Masson said, and that data is input by humans. As the old saying goes, he said, “it’s garbage in, garbage out.” The best way AI can be used is not by trusting its responses completely, but by using it to help IT/infosec staff make decisions, he said.

“Some people say, ‘It’s AI. Should I care?’ You should care. What you shouldn’t do is worry, because this is pretty much the way we’re going. It’s all about using artificial intelligence in all its different modes and guises to support human beings.”

The next MapleSEC Satellite online series event will be held June 21.

The post MapleSEC webinar: AI can be used by defenders, and threat actors first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways