AI and Phishing: Best Offense or Great Defense
The term AI is most often misinterpreted. There are people thinking of the T-1000 or those terminator robots that were trying to hunt down John Connor and eventually leads to the creation of SkyNet and towards the end of the world as we know it. These clichéd science fiction and futuristic visions are true in movies but not in the real world. AI is a study of various intelligent functions, which happens to be artificial. Simply put, when a machine mirrors human intelligent functions, such as learning and problem solving.
Phishing, on the other hand, is the deceitful manner of posing as a trustworthy entity and obtaining sensitive personal information (e.g. usernames, passwords, and money) for malicious purposes – all done via electronic communication.
AI and Phishing put together? Now that’s a thought.
There has been some buzz online recently that a certain AI system has been seen exhibiting something alarming – generating URLs for phishing websites that not only replicate in random but appear to intelligently elude detection by security softwares.
This AI system can systematically generate URLs for webpages that poses as legitimate login pages for legitimate websites, hence, collecting user credentials for account hijacking later. Procedures, blacklists and algorithms – intelligent or not – can be used systematically to recognize and block links to phishing websites. Users should be able to identify that the links themselves are dubious, but of course, not everyone is tech-savvy.
Just recently, a cyber-security firm called Cyxtera Technologies¸ have been able to commission its scientists in the US to build a machine-learning software called DeepPhish. Supposedly, this machine can generate phishing URLs capable of bypassing and beating out most of today’s detection softwares and defense mechanisms. According to claims, this AI simulation – including risk analysis and detection – they were able to classify patterns, activities, and detect phishing URLs with more than 95% accuracy. This information provides a very relevant advantage for cyber defense teams, according to Cyxtera.
This clearly demonstrates a winning situation for cyber security. However, the inevitable question comes in – if AI is proactively being used to prevent attacks, what is stopping hackers, cyber criminals from using the exact same technology to overcome the traditional and AI-based cyber security defense systems?
Having AI as an integral part of the modern hacker’s arsenal, cyber security defenders have no choice but to come up with different ways of protecting systems which are vulnerable to attacks. Fortunately, cyber security professionals also have AI itself to rely on. This might sound like an arms race between hackers and cyber security pros but neither really has a choice. In this modern age, the battle between cyber criminals and security professionals is very Darwinian in its essence – survival of the fittest AI.