How AI Impacts Global Cybersecurity Strategy The Global Shift in Cyber Security Strategies National Security organizations have typically viewed cybersecurity through an espionage-based lens, focused on malware’s ability to steal information. Pegasus Project, the 2021 investigative journalism initiative created to highlight how government officials use Pegasus spyware to surveil politicians and journalists, for example, reveals the persistence of this traditional surveillence-esque approach to malware. However, the advancement of technology in the 21st century suggests a shift in cyber strategies. While the presence of cyber espionage will remain, cyber sabotage will soon gain a foothold in the framework of modern cybersecurity, and AI will only advance its ever-evolving capabilities. Cyber sabotage as an emerging security strategy is best showcased with Stuxnet, an event that had rippling effects on the cyber world’s understanding of malware attacks. In 2010, the United States and Israel launched Stuxnet, a joint attack on Iran’s nuclear enrichment facilities. The success of the Stuxnet led other nations to develop similar technologies, like Industroyer, the 2016 Russian-based malware that caused power outages in Ukraine. Chinese cyber operations have also “grown more ambitious and aggressive,” and “Russia, too, has intensified its cyber activities… with Russia-linked groups also targeting water facilities in Europe”..The Head of Defense Information Systems Service Agency in NextGov, Lt. General Robert Skinner, added how “China is seeking to disrupt daily life during a potential conflict"- instilling the gravity of cyber sabotage as a new predicament in national security, especially during wartime. The future of malware and cyber sabotage encourages the necessity for enhanced data analytics and precision. With key words such as “efficiency” and “sophistication,” the integration of AI is nearly second nature Maxar Technologies's satellite image of Fordow, Iran's underground nuclear complex in the aftermath of Stuxnet. How AI Will Evolve Cyber Security Threats Software companies, such as Brandefense, stress how actors can leverage AI to “orchestrate more complex and coordinated attacks,” overwhelming traditional security operations. AI revolutionizes cyber offenses by making it easier to identify vulnerabilities and to perform automated attacks. This makes “attacks such as the one that occurred in Iran in 2010 much more ‘accessible’ to cyber criminals,” as AI provides innovative tools to elevate the performance of any hacker. The reality of AI contributing to cyber attackers is reflected in reports like MIT’s study: “80% of ransomware attacks examined in new research used artificial intelligence,” with the quantity of attacks expected to increase, as over “93% of US and UK security leaders anticipate their organizations will face daily AI-powered cyber attacks within the next 6 months.” Many believe that cyber sabotage will only increase since the 2010 Stuxnet incident because AI-assisted sabotage attacks will be much quicker and efficient, with state-of-the-art software constantly improving. This completely changes the cyber field, as previous successful sabotages, like Stuxnet, were carried out by incredibly specialized and notable intelligence agencies, like the CIA. AI assistance can offer the resources and expertise of what previously would have only been experienced by the highest class of agencies. Questions of Security Previous malware incidents point to a rising era of cyber sabotage, and as AI amplifies the relevance and quantity at which these cyber sabotages happen, proactive and multi-layered defenses must be enhanced. MIT Sloan editorialist Zach Church describes cyber defense as “the eternal game of whack-a-mole,” as cybersecurity professionals must assess the precedent of successful defense operations, like conducting adversarial hacking that tests network defenses, and consider how AI could evolutionize familiar forms of offensives. MIT director of cybersecurity, Michael Seigel, stresses how there must “be a reexamination of the way in which we defend ourselves and the way in which we have to look at both old- and new-style attacks” due to the nuanced autonomous nature of what AI can do with malware. As researchers continue to examine the role of generative AI with attacks on industrial control systems, defensive products that address system management, detections, response strategies, and preventative operations will be necessary. Events like Stuxnet proved that closely monitoring machines and implementing strong physical security measures for industrial systems will not suffice– and with the modern instrument of AI, many traditional cyber protections will not measure to complete prevention. While many agree that as AI capabilities grow, “states and international bodies will need to establish regulatory frameworks” for risk management, protection in this new environment is still developing, as is offenses. Ultimately, 21st century malware encounters such as Stuxnet and Industroyer, have substantially hinted at global cyber offensive strategies expanding from simple espionage to industrial sabotage. As AI offers unparalleled pattern tracking, threat intelligence, and organized security operations, it also lowers the barrier to entry, as AI tools can enable people of lesser expertise to “generate malicious code and conduct complex attacks, increasing the volume of potential threats.” As the cybersecurity landscape continues to grow with transitions into cyber sabotages, expansions of AI capabilities, and therefore magnitude of attacks, defensive strategies must be prepared for the resistance to state-of-the-art malware in tandem with the understanding that state-of-the-art technology is constantly evolving as AI’s foothold in cyber advancements only grows. Tags: Cybersecurity, Artificial Intelligence
