- This event has passed.
Virtual Talk on ‘Role of Artificial Intelligence in Cyber Security: Challenges and Opportunities’
February 28, 2022
The Manohar Parrikar Institute for Defence Studies and Analyses (MP-IDSA), New Delhi organised a virtual discussion at which Dr. Prabhat Kumar, IRS (retd.) spoke on the ‘Role of Artificial Intelligence in Cybersecurity: Challenges & Opportunities’, on 28th February 2022. The discussion was chaired by Ambassador Sujan R. Chinoy, Director General, MP-IDSA.
Executive Summary
In the new age of technology, Artificial Intelligence has contributed to every aspect of business, industry, military, space and human life. However, with the advent of every technology, there exist challenges regarding its misuse, which has been a cause of concern for nations all over the world. The presentation by Dr. Kumar expanded on Artificial Intelligence and looked at solutions to the possible threats faced by its misuse and maximisation of its utility.
Detailed Report
Ambassador Chinoy made the opening remarks and introduced and thanked Dr. Prabhat Kumar for finding time to enlighten the audience on “Role of Artificial Intelligence in Cybersecurity Challenges & Opportunities”. Ambassador Chinoy stated that technology is at an inflection point with the advancement in Artificial Intelligence (AI), Machine Learning, Big Data, Internet of Things (IoT) etc. and that along with benefiting governments and businesses, it was also being misused by actors with malicious objectives. Ambassador Chinoy emphasised the need to look at this advancement in a holistic manner, i.e., how we gather & protect our data, who gathers & how? Ambassador Chinoy then invited Dr. Prabhat Kumar to share his views on the topic “Role of Artificial Intelligence in Cybersecurity Challenges & Opportunities.”
Dr. Prabhat Kumar started by thanking Ambassador Chinoy & MP-IDSA for offering the opportunity to share his views on this topic. Dr. Prabhat shared that the word AI was coined in 1956, but it had matured as a technology only more recently. In the last year alone, as many as 42 AI and Big Data-focused start-ups had been set up. He added that apart from businesses, health and education, in the field of military modernisation too, where weaponry, tanks, missiles are loaded with modern technology, AI would change the nature of modern warfare. Dr. Prabhat added that space is another area where AI is advancing.
Coming to cybersecurity, Dr. Kumar noted that AI was being used in many verticals and had largely resulted in software being sold as a service (SaaS). He emphasised that cybersecurity is at the core of the Digital progress of our society. Dr. Prabhat then brought out the findings of the Spotlight Report 2022, which highlighted that there had been a 29% increase in the count of vulnerabilities associated with ransomware and a 25% increase in ransomware families.
Dr. Prabhat mentioned that cyber breaches have become an everyday phenomenon, with the post-COVID Work from Home (WFH) phenomenon having accelerated cyberattacks and created an environment of security distrust. Cybercriminals can penetrate 93% of company networks, according to the study conducted by Positive Technologies.
Recounting recent cyberattacks, Dr. Kumar noted that Data Wiping Malware in Ukraine had hit hundreds of computers, as per cybersecurity firm ESET. In addition, hackers backed by the Russian Government had breached the network of multiple US defence contractors and revealed sensitive information about US weapons-development communication infrastructure and the federal government.
It was also mentioned that Colonial Pipeline Company faced a cyber-attack where the ransom was demanded and paid. Ransomware malware locks down the system, encrypting data to extort money. APT29, a hacker group linked to Russia’s foreign intelligence organisation (SVR), inserted malicious code into SolarWinds software sometime in March 2020, which breached the computer network of the US Treasury and the Departments of State, Defence, Justice, Commerce, and Homeland Security, besides others. Similarly, in India, as per Check Point Research, companies witnessed 1803 cyber-attacks weekly per organisation on an average in 2021. This was a 25 per cent jump over 2020.
Dr. Prabhat then explained What is Hacking i.e., an act of compromising digital devices and networks through unauthorised access. Hacking refers to the misuse of devices like computers, smartphones, tablets, and networks to cause damage to or corrupt systems, gather information on users, steal data and documents, or disrupt data-related activity.
The different types of cyber attacks were explained:
Malware – Malicious software such as ransomware, designed to damage or control a computer system.
Phishing – Fake official emails (bank, PayPal) link to the fake website, where victims log in, giving up their passwords.
Man-in-the-Middle Attacks – Hackers inserted themselves between your computer and the webserver.
DDoS (Distributed Denial of Service) – a Network of computers overload a server with data, shutting it down.
Cross-Site Scripting – Injects malicious code into a website that targets the visitor’s browser.
SQL Injection Attack – Corrupts data to make a server divulge data such as credit cards numbers and usernames.
Dr. Prabhat provided the major sources of cybersecurity threats:
- Nation States
- Criminal Groups
- Hackers
- Terrorist Groups
- Corporate Spies
- Malicious insiders
- Hacktivists
Security cyber infrastructure and resources which could be compromised included:
- Databases
- End Points
- Mobile Apps
- Networks
- Servers
- Storage
- Web Apps
- Middleware
- Thick Client Application
- Cloud
- On premise hosted products
- Miscellaneous
AI is used in different technologies such as:
- Machine learning
- Speech
- Vision
- Language Processing
- Expert systems
- Planning and optimization
- Robotics
Dr. Prabhat then explained how AI is used both by hackers and defenders who use it to solve complex problems and perform high-level computations. It increases accuracy as it learns from experiences, uses machine learning to reason, recognises images, understands language and nuances, and create perspectives.
Dr. Prabhat emphasised that algorithm is at the core of AI. He added that the most powerful algorithm is used in Tik Tok App as it takes care of the user requirements and makes instant recommendations. Dr. Prabhat noted that the battle between Hackers and Defenders is of algorithm, as the more complex the algorithm, the more powerful malicious software or solutions can be designed. AI is used to launch faster, stealthier and sophisticated hyper-targeted attacks on the scale. Hackers test and improve their malware to make it resistant to AI-based security tools. AI can be used to choose the timing of attack when high traffic volumes are high and more intelligent attacks that self-propagate over a system or network. Cyber actors use AI-enabled malware programs to learn the computation environment of an organisation automatically, update communication protocols and pinpoint when and where the system is least protected.
Dr. Prabhat added that malware algorithms need the training to know what normal looks like on a network and that AI can sift through a large number of incidents to identify and take corrective measures instantly against any impending attack. Also, AI enables the setting up of self-configuring networks, which prowls through every computer, smartphone, other devices, etc., to detect anomalous activity from identifying malware in an email attachment, to a disgruntled employee downloading sensitive files. AI improves malware detection rates using a baseline of cyber intelligence data. AI cybersecurity systems can learn from indicators of compromise and may be able to match the characteristics of small clues even if they are scattered throughout the network.
Dr. Kumar also elaborated on AI-enabled solutions, which were utilising anomaly detection, keyword matching, and monitoring statistics.
- They detected all types of networks or system intrusion and could also analyse billions of file samples, appraise files for threats, determine whether or not a threat exists and quarantine infected files.
- AI could be used to predict the presence of automated bot traffic and automatically block the traffic before it becomes dangerous.
- Phishing emails could be identified by using AI and ML capabilities to perform an in-depth inspection of links.
- AI systems could detect vulnerabilities (software bugs) and perform response actions like self-patching. This would strengthen system security by providing network resilience, prevention and protection against cyber threats.
New AI applications are emerging in Intent-Based Network Security (IBNS) on AI platforms for cyber defence or immune computer systems which have the ability to self-adapt. In addition, research is required in countering complex cyber threats, malware reverse engineering and projection to enhance cyber situation awareness. He gave examples of Crowdstrike and DarkTrace software which used AI effectively to monitor cyber threats, leading to huge valuations for the parent companies. The CIA, MIS, NSA and GCHQ were among its clients.
On having an effective strategy against cyber attacks Dr. Prabhat made the following points:
- Country needs a comprehensive national approach and should start by re-examining traditional notions of trust. Zero trust is the idea that no untested technology should ever be trusted or barred without verification.
- Cybersecurity must be embedded in a technology’s development phase itself.
- Operators must disclose all of the critical components they deploy in their networks.
- Equipment sellers must spell out in detail how they will ensure that their products cannot be used for sabotage, espionage, or terrorism, and failure to meet legally mandated thresholds must invite fine, ban or shutting down of the company.
Dr. Prabhat ended his presentation with several pointers on safeguarding from cyber threats:
- Update Systems and Software
- Backup Data
- Initiate Phishing Simulations
- Secure websites with HTTPS
- Build a Cyber Incident Response Plan
- Maintain Compliance
- Train Employees
- Create an Insider Threat awareness program
Discussion, Comments and Questions
- Ambassador Chinoy thanked Dr. Prabhat for a comprehensive presentation and added that though India is making great strides in the IT sector, no parallel progress can be seen in the AI space. Ambassador Chinoy mentioned that more technologically advanced tanks of Pakistan were outsmarted by our more conventional tanks in the 1965 war and questioned whether too much of AI without adequate preparation as in the military can also be a burden in space? He also asked Whether AI would be able to take over command of our military weapons like fighter jets or divert missiles or smart bombs, which have become so automated.
- Dr. Ajey Lele questioned whether these technologies, including AI, would become redundant in the coming era, and should we focus more on Quantum technologies, particularly on Quantum Cryptography?
- Dr. Cherian questioned how mature is AI in cybersecurity, and do AI-based solutions increase or decrease cybersecurity costs?
- Dr. Sanur Sharma questioned how well is India’s National Strategy on AI that was released recently in line with India’s cybersecurity strategy?
- Ms. Krutika Patil questioned the attribution of AI in cyber-attacks and what kind of data, infrastructure and model is required for such cyber-attacks.
- Maj. Gen.Bipin Bakshi (Retd.) queried whether we have an agency that is working on AI in India, would AI be able to handle a quantum attack, and can AI be used to enhance the effectiveness of our military weapons?
- Mr. Sihag queried that as India imports so much hardware such as semi-conductors, is there a possibility of them being compromised by the exporting nation and is there a solution to this issue, and can AI be used to mitigate it?
- Mr. Jayant Mishra stated that rapid digitalisation coupled with AI had come a long way. It has changed the entire architecture of communications, information keeping, surveillance, mapping, and every aspect of human behaviour, and all of this has thrown significant challenges.
- Group Captain Karunakaran questioned whether banks have adequate AI in place for cybersecurity as most of the transactions had gone online.
Dr. Prabhat then came forward to answer the queries raised by the participants of the discussion.
Firstly, Dr. Prabhat addressed the query of Ambassador Chinoy regarding India’s history in software and how it is placed in AI technology. Dr. Prabhat stated that India made great progress till 2006 in technology, but India somewhere got left behind in AI till 2015-16 while China took off with the rise of Alibaba, Tencent and a host of the small, medium, larger enterprises. As of now, we have again increased pace and have a great growth rate in start-ups that rely on AI & data analytics. Funds have been earmarked & Institutes have been set up in collaboration with TCS & IIS in AI & quantum computing. Regarding the military application of AI, some efforts are going on to keep it away from being used in situations where human lives may be endangered. Dr. Prabhat then answered the query of Dr. Ajey Lele regarding quantum technologies that it is still in its nascent stage, and there is no stable environment to use it in as of yet. In relation to cryptography applications & their encryption, it would be a totally new domain of technology. With regard to the query of Dr. Cherian, Dr. Prabhat replied that AI is not perfect as both false positives and false negatives are depending upon the algorithm. Regarding the cost, it would surely go up, but the gains would be more in the long term. While replying to Dr. Sanur Sharma, he stated that as of now, AI had not been deployed on a large scale in the military; however, advanced tanks, UAVs and robots have been used. Robots have been used by the US in the Afghan war, which surely saved a lot of manpower and they performed complex and dangerous tasks. India is also using AI in its missile technology to track the target after being deployed. Replying to Ms. Krutika Patil, Dr. Prabhat agreed that costs will increase, and a lot of data is required and robust infrastructure. With regard to the query of Mr. Sihag relating to the vulnerability of semi-conductors Dr. Prabhat stated that semi-conductors can be manipulated and that it is necessary to set up large manufacturing units in India to diversify the supply chain. Dr. Prabhat while mentioning the concerns of Mr. Jayant Mishra stated that through the advent of technology, power is being centralised and in the hands of a few.
The event concluded with Dr. Sanur Sharma delivering the Vote of Thanks.
Report prepared by Ms. Richa Tokas, Research Intern, Defence Economy &Industry, MP-IDSA.