Right now, we seem to be at a bit of a midpoint when it comes to AI and cybersecurity. While on the one hand, it’s a clear tool for cyber attackers to take advantage of, on the other hand, it’s just as much a tool for cybersecurity experts. If not, more so.
So the question is: what exactly is going to happen in the future? Is AI going to be a damaging technological development for cybersecurity, or will its benefits outweigh the potential negatives?
AI as an Attacking Tool
One of the key ways AI is assisting cybercriminals is through a process called ‘AI-Locksmithing’. Using an algorithm similar to the ones used in threat detection, AI technology is embedded in malware and used to spot trends and patterns before making its move.
In other words, once the malware has breached a system, it can make an educated decision about when to execute an attack, judging by how vulnerable a system is at any one time.
One of the most significant examples of this is the AI-assisted attack on TaskRabbit, which saw nearly 4 million customers have their personal data – including financial information – breached and stolen.Â
While users in 2024 can take advantage of essential data removal tools to delete personal information from the internet, businesses are still at risk of their existing data being stolen, especially considering how fast AI tech is developing.Â
As time goes on, AI-enabled malware, ransomware, DDoS attacks, deep fakes, and phishing will only get more advanced, and this is a problem considering the cost that cybercrime already has on our society – just last year, the total cost was estimated at $8 trillion, and this is expected to grow to over $400 trillion in the next two years.
AI as a Defensive Tool
While the outlook looks bleak, as we mentioned before, AI is just as much a tool for cybersecurity as it is for cybercriminals. Already in business, it has become an effective means of upgrading workflow, while in the cybersecurity industry, it is being used to recognize patterns and perform proactive actions against cyber threats, rather than reactive ones.Â
They can do this by automating the incident response, analyzing huge amounts of data to recognize inconsistencies, and detecting attacks in real-time. As well as this, AI can make the process of threat detection more reliable and streamlined. One of the major challenges for analysts, for instance, is identifying false positives – alerts or vulnerabilities that have been incorrectly flagged.Â
With machine learning algorithms, however, AI-enabled cybersecurity tools can distinguish what is genuine and what is false, saving time and finances for organizations that would otherwise have been wasted – while allowing them to focus on other, more immediate areas of cybersecurity.Â
According to recent research, around 82% of cybersecurity companies are planning to invest in AI-driven cybersecurity before the end of 2025, with 48% planning to invest this year. With this investment, the technology is also going to get better, perhaps helping it outweigh the negative side of AI.
Because whether we like it or not, AI technology is a tool for cyber attackers, and it will continue to be so. But with seismic investment and widespread application, it can also be the perfect shield that the cybersecurity industry has been searching for.