Ask most people to tell you what Artificial Intelligence (AI) is and you’ll likely get a blank stare or a stammered answer about computers beating Russian expert chess players.
The truth is that AI covers a lot of different topics and can mean a lot of different things in a lot of different industries, everything from nailing down which type of customer to market a new brand, to pinning down a possible early diagnosis for an ER visit without talking to a person, to a self-driving car figuring out the best route possible for a cross-country trip while the family reads together or watching a movie.
AI in malicious software, also known as malware, is a more frightening thought. It does not act like Skynet from “The Terminator” of HAL from “2001: A Space Odyssey”, but it does have some troubling tendencies that can make it harder to predict, harder to identify, and harder to stop. This has cybersecurity experts on high alert.
What is AI-driven Malware?
This type of malware plays by its normal rules, but the AI allows it to infect computers at a faster rate and make the attacks more efficient. “Dumb” malware deploys the same type of attack every time in every situation while its AI-powered can assess things about the system it is attacking like whether or not it has antispyware software, if it has connections to other networks like the cloud, and can read keystrokes to try to pull passwords and usernames out of the memory banks.
What Are its Capabilities?
AI-driven malware can do as much as its programmers equip it to. One example would be a worm with a limited memory capacity that could “remember” what actions it takes that trigger anti-spyware software on a computer. It could use this memory to figure out how to stop performing that action and trying a different route to infect more devices.
The closest thing a piece of malware could be to the scary AI you so often see in movies is the power to operate independently. Normally then AI is deployed it is not alone in the job. There is usually a “command and control” server somewhere that the AI is reporting back to. This allows a hacker to see what the malware has discovered in a system and direct it to perform certain commands accordingly .The problem for the hacker happens when that link back to the command center is discovered and the police come knocking on the door. But an independent piece of malware doesn’t need direction from an outside source. It can “think” for itself by making decisions based on what it observes inside your system. If there is no strong antivirus software, the AI-powered malware will understand that is has pretty much free reign to do what it wants to. At this stage it can also move forward to infiltrate your email contact list, your personal information, even keystrokes from the last time you logged onto your bank account.