Artificial intelligence and cyber security

Artificial intelligence and cyber security

Cezary Maƛlankiewicz, CISO Crowe Poland
Artificial intelligence and cyber security
The security of ICT and banking systems, financial infrastructure and the protection of corporate secrets are of paramount importance in today's world. However, the risks increase as the number and effectiveness of cyber attacks increases. One way of defending against cyber threats can be the use of artificial intelligence. The problem is that cyber criminals are also taking advantage of AI.

Cyber attacks a threat to companies

The protection of business secrets, the security of networks, ICT or banking systems are nowadays very important issues in ensuring the confidentiality of information. The protection is required, inter alia, for personal data. The Data Administrator is responsible for implementing a personal data protection system. He/she documents all breaches of personal data protection. Furthermore, certain groups of entities processing personal data are obliged to appoint a Data Protection Officer (DPO). The DPO shall then support the Administrator in fulfilling the obligations. Learn more: Outsourcing of the Data Protection Officer (DPO)

The Data Administrator, the DPO, but also security departments have to minimise the risk of cyber attacks and data leakage. This is becoming more and more difficult each year. The number of cyber attacks is growing almost exponentially. According to Check Point Research, as many as 1 in 10 organisations worldwide has been affected by attempted ransomware attacks in 2023, an increase of 33% from the previous year. Meanwhile, according to the Aon Global Risk Management Survey, only 43 per cent of businesses in Poland have implemented a plan or formal risk review. This shows the scale of the problem. The consequences of a cyber attack can be severe and the scope of stolen data wide.

The most important consequences of a cyber attack on a company are no doubt the financial, legal and image implications. The loss of a company's reputation, in turn, involves the undermining of its clients' trust and, in some cases, even their loss. All this generates serious financial losses for the organisation. On top of this, there are the possibility of fines/sanctions due to violations of the General Data Protection Regulation (GDPR). Therefore, data protection in a company should not be underestimated and as is widely known, prevention is better than cure.

Personal data protection – find out how we can help your company

AI helps ensure cyber security

The impact of a cyber attack can be severe. Aon's data shows that between 2022 and 2023, the average cost of a single data breach in a company rose to almost $4.5m. In companies that do not use artificial intelligence in cyber security, the cost was around $5.4m.

Meanwhile, Check Point Research data for December shows that banks in Poland were attacked an average of seven times per hour last year. More than 1,100 attacks per week were reported in the banking and telecommunications sector. It is therefore worth reaching for new solutions, including AI, i.e. artificial intelligence to defend against cyber threats.

How can AI be used in cyber security? Artificial intelligence is now being considered as effective tools for ensuring cyber security. Among other things, AI helps to detect attacks and manage cyber security. Training and implementing AI models can increase the level of data verification and validation. The only thing to remember is that in order for the system to be able to solve problems, the system needs to be properly 'trained', and this requires skilled professionals and the time to do so.

Recently, more and more is also said about so-called explainable artificial intelligence, XAI. This is about machine learning algorithms for understanding and interpreting decisions made by systems. XAI will enable security experts to monitor systems in detail and take swift action if any anomalies are detected. Explainable learning will significantly increase the detection rate of threats in IT networks.

The concept of trustworthy, on the other hand, helps to describe the characteristics desired in trustworthy AI. These characteristics are robustness, oversight, clarity allowing logical justification for algorithm selection, accuracy, transparency and traceability. Defining these characteristics is expected to help build resilient systems, significantly improving the level of cyber security. A resilient system means better risk management throughout its lifecycle.

Cyber security. The arms race continues

AI can be used in the area of cyber security. However, with the proliferation of AI, the risk of its use by cyber criminals is also increasing. There are better and more effective methods of data theft coming up.

As the recently published report 'Securing Artificial Intelligence (SAI); Automated Manipulation of Multimedia Identity Representations' by ETSI (European Telecommunications Standards Institute) shows, there are types of hacking attacks aimed at, among other things, identity theft with the use of AI.

The report describes two categories of attacks involving artificial intelligence:

  • attacks on media and public perception,
  • attacks on means of identity verification.

When attacking methods of identity verification, cybercriminals will use the remote identity verification options available in many EU countries such as sending a video with a person and an ID card. Hackers will impersonate the sender using AI algorithms that create a false image of the targeted person.

Cyber criminals in their cyber attacks are taking aim at the biometric authentication procedure, increasingly used as a security measure. AI is helping them in these attacks. Thanks to the application of AI, it becomes possible to shape a voice in order to carry out a cyber attack by impersonating another person. Here, the 'magic' happens through deep voice technology, which is used to clone the speech of the user of a given system.

It sounds almost like the script of a Mission Impossible movie; the only difference is that here real data is stolen and serious damage is done to an organisation that has become the target of a cyber-attack involving artificial intelligence.

The (bullet armour) arms race continues. As is widely known, new solutions are emerging to thwart such attacks. For example, one company in the US can now detect synthesised voices and thus prevent fraud. And what new methods will cybercriminals develop? Time will tell.

Artificial Intelligence. The two faces of AI

Ensuring cyber security is inextricably linked to risk analysis. To achieve this, it is necessary, inter alia, to implement security measures based on the latest technological solutions, including those based on artificial intelligence.

Technological developments have accelerated significantly in recent times. As the NASK experts` study Cyber security of AI. AI in cyber security shows, AI-based tools are used both for defence and for carrying out cyber attacks. AI thus works in the service of cyber security, but it is also becoming increasingly present in cybercrime.

Artificial intelligence and its use arouse strong emotions, that is why designing appropriate regulations is so important. The European Union is already drafting an AI Act and the defence ministers of the North Atlantic Alliance countries adopted an Artificial Intelligence Strategy for NATO in October 2021. The aim of such regulations is to, inter alia, define a concrete framework for the use and design of AI. All this may help to defend against cyber attacks more effectively. AI legislation, however, is a topic for another text.

Our expert

Violetta Matusiak
Violetta Matusiak
Data Protection Inspector

Personal data protection