NSA's Focused Surveillance on Three Areas of Generative AI in Cybersecurity Domain
In the realm of cybersecurity, the discussion surrounding Artificial Intelligence (AI) has taken centre stage, particularly with the emergence of generative forms like ChatGPT. At the recent RSA Conference, this was a key focus, with Rob Joyce, director of cybersecurity at the National Security Agency (NSA), highlighting AI and machine learning as major topics.
Joyce, in his address, described generative AI as a "technological explosion" and a "game-changing" technology. He emphasised its potential to add machine-like focus to troves of data, helping defenders prioritise activities. Joyce further stated that generative AI is an "accelerant for defense" and a "huge amplification capability to make our defenders better."
However, concerns have been raised about the potential misuse of AI and large language models. Cybersecurity professionals are worried that these technologies could be used to fuel more dangerous and sophisticated attacks. Adversaries are already starting to experiment with ChatGPT in their workflows, and North Korean IT groups are rumoured to use similar AI for remote jobs to support weapons programs.
Criminal actors are also exploiting AI systems for automated data extortion with high ransom demands, and for creating sophisticated phishing attacks, voice cloning, and deep fakes to bypass security and enhance scams.
The NSA is tracking these advancements closely, focusing on both the potential defensive uses of generative AI and its potential adversarial use. Joyce discussed the potential of generative AI to scan across massive amounts of logs and correlate known CVEs and other things into data streams, which could significantly reduce the cycle and dwell time for attackers.
The agency is also studying how defenders can use AI or machine learning to regain advantages. For instance, adversaries may use AI to rewrite code, changing its signature and attributes, to impose challenges on defenders. The NSA is exploring ways to counter this by developing AI that can identify and neutralise such changes.
In conclusion, the integration of generative AI into cybersecurity is a double-edged sword. While it offers immense potential for defence, it also presents new challenges that must be addressed to ensure the security of our digital world.
Read also:
- Linde Wins Major Engineering Design Contract for Equinor's Low Carbon Hydrogen Project at H2H Saltend, Progressing Towards a Greener Future
- Transportation via roads plays a critical role in India's shift towards clean energy.
- EU Commission President von der Leyen emphasizes continuity, affirming that Europe's automotive future will be powered by electricity
- Zigbee and LoRa Low-Power Internet of Things (IoT) Network Protocols: The Revolution in Data Transmission and Networking