Eoin Treacy's view -
AI, however, could help human cybercriminals customize attacks. Spearphishing attacks, for instance, require attackers to have personal information about prospective targets, details like where they bank or what medical insurance company they use. AI systems can help gather, organize and process large databases to connect identifying information, making this type of attack easier and faster to carry out. That reduced workload may drive thieves to launch lots of smaller attacks that go unnoticed for a long period of time – if detected at all – due to their more limited impact.
AI systems could even be used to pull information together from multiple sources to identify people who would be particularly vulnerable to attack. Someone who is hospitalized or in a nursing home, for example, might not notice money missing out of their account until long after the thief has gotten away.
AI-enabled attackers will also be much faster to react when they encounter resistance, or when cybersecurity experts fix weaknesses that had previously allowed entry by unauthorized users. The AI may be able to exploit another vulnerability, or start scanning for new ways into the system – without waiting for human instructions.
How secure is your password? Do you use some combination of birthdays and family names to make them easily recallable? The digitisation of information that was once only held on paper means it is comparatively easy to now find out personal details for just about anyone on the web. The increasing number of thefts of the data corporations hold about clients only exacerbates the problem. All you need to do is Google someone and you will likely be surprised by what is available online. It is therefore conceivable that an AI could form a picture of your family and correctly guess your password. Wherever possible set up two-factor logins, so you get a text message with a code before you can login and do not have a password that is your name and date of birth or indeed “password1”. Best practice is that you have a separate computer only used for banking and paying bills but never check email or surf the web on it, in addition to two-factor logins.
This section continues in the Subscriber's Area. Back to top