It may take several years or even decades, but hackers won’t necessarily always be human. Artificial intelligence—a technology that also promises to revolutionize cybersecurity—could one day become the go-to hacking tool.
Organizers of the Cyber Grand Challenge, a contest sponsored by the U.S. defense agency DARPA, gave a glimpse of the power of AI during their August event. Seven supercomputers battled each other to show that machines can indeed find and patch software vulnerabilities.
Theoretically, the technology can be used to perfect any coding, ridding it of exploitable flaws. But what if that power was used for malicious purposes? The future of cyberdefense might also pave the way for a new era of hacking.
THE POSSIBLE DANGERS
For instance, cybercriminals might use those capabilities to scan software for previously unknown vulnerabilities and then exploit them for ill. However, unlike a human, an AI can do this with machine efficiency. Hacks that were time-consuming to develop might become cheap commodities in this nightmare scenario.
It’s a risk that the cybersecurity experts are well aware of, in a time when the tech industry is already developing self-driving cars, more advanced robots, and other forms of automation. “Technology is always frightening,” said David Melski, vice president of research for GrammaTech.
Melski’s company was among those that built a supercomputer to participate in August’s Cyber Grand Challenge. His firm is now considering using that technology to help vendors prevent flaws in their internet of things devices or make internet browsers more secure.
“However, vulnerability discovery is a double-edge sword,” he said. “We are also increasingly automating everything.”
So it’s not hard for security experts to imagine a potential dark side—one where AIs can build or control powerful cyberweapons. Melski pointed to the case of Stuxnet, a malicious computer worm designed to disrupt Iran’s nuclear program.