Robert Hannigan, the former head of GCHQ, has said that there is very little evidence of artificial intelligence (AI) being used in cyber crime or terrorism.
Hannigan was speaking at an event hosted by the London Office For Rapid Cybersecurity Advancement (LORCA), where he delivered a keynote on the so-called 'myths' and 'buzzwords' around AI in cyber security.
In his opinion, while AI has transformed many aspects of modern life, it is yet to prove all that useful to state-sponsored hackers. He suggested there were not enough benefits to outweigh the "trouble" of investing in the technology for malicious purposes.
"The cyber industry is great at scare stories, and I've read lots and lots of scare stories about criminal groups and even terrorists using AI, and to be honest, I've seen virtually no evidence for this at all, with a couple of exceptions," Hannigan said. "I would say that I think it's again a confusion with automation."
He added that AI would likely form a part of a hackers arsenal in the near future, but right now it simply presented too much "risk". As an example, he cited the SolarWinds hack, which he said was sophisticated but also appeared to be "hand-curated".
"You can understand why the attackers might have wanted to do that, in order to hide themselves," Hannigan said. "And doing it at the scale, and going to the trouble of doing it through AI would probably be at high risk for them."
From there the subject of AI in cyber security flipped, with Hannigan expressing concerns about the security of AI. He said the issue was "high on everyone's list" because technologies such as driverless cars and automated medical diagnostics were rapidly becoming the norm.
"The data is a huge vulnerability, and there have been lots of studies on so-called data poisoning, adversarial models, which basically say, we can trick the machine into misdiagnosing, for example, an MIT study on chest X rays," he said.
"And if you have a malicious actor, or even an accidental actor, it is perfectly possible to see how data poisoning or incorrectly categorised data can lead the machine to do something completely wrong with potentially very serious consequences."
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Foreign states ramp up cyberattacks on EU with AI-driven phishing and DDoS campaignsNews ENISA warns of hacktivism, especially through DDoS attacks
-
A new 'top-tier' Chinese espionage group is stealing sensitive datanews Phantom Taurus has been operating for two years and uses custom-built malware to maintain long-term access to critical targets
-
‘States don’t do hacking for fun’: NCSC expert urges businesses to follow geopolitics as defensive strategyNews Paul Chichester, director of operations at the UK’s National Cyber Security Centre, urged businesses to keep closer tabs on geopolitical events to gauge potential cyber threats.
-
Three ways to evolve your security operationsWhitepaper Why current approaches aren’t working
-
Beat cyber criminals at their own gameWhitepaper A guide to winning the vulnerability race and protection your organization
-
Quantifying the public vulnerability market: 2022 editionWhitepaper An analysis of vulnerability disclosures, impact severity, and product analysis
-
Same cyberthreat, different storyWhitepaper How security, risk, and technology asset management teams collaborate to easily manage vulnerabilities
-
Business value of ServiceNow security operationsWhitepaper Experience transformational gains from automating workflows and data-sharing among IT, security, and risk teams to rapidly remediate threats
