AI Series Part 1: Introduction to the Modern Threats of AI

AI Series Part 1: Introduction to the Modern Threats of AI

Artificial Intelligence - Part 1

AI Series Part 1 - NetragardAI Series Part 1 of 6

This is the first post in a series discussing AI and its impacts on modern life. Artificial Intelligence is useful, powerful, and dangerous when used irresponsibly. Its being leveraged by a wide variety of industries including but not limited to social media, defense contractors and information security companies. Some of the dangers created by the use of AI are overt while others are very subtle. For example, the ongoing rapid development of autonomous weapons is overt while the use of AI in social media is subtle and possibly more damaging. The AI used in various social media platforms is in part responsible for the current divide here in the united states.

Introduction to AI

Artificial intelligence (AI) occupies an unusual position in the public consciousness. On the one hand, every cybersecurity solution – and a number in other tech industries as well – seems to contain “AI”, a claim that carries varying levels of truth. On the other hand, many of the things that most people think of as AI – such as general intelligence, conscious robots, etc. – have not yet been created.

While “traditional” popular conceptions of AI are still in the future, AI is a very real part of our daily lives today. AI already shapes how people think and behave – often without their knowledge – and other parts of daily life.

This article launches a series on the modern use of AI. This series discusses some of the ways in which AI is commonly used today and the cybersecurity considerations of AI-based systems.

The Modern Threats of AI

AI has effects on many different aspects of daily life. Some of the biggest areas where AI plays a critical role in society include:

  • Social Media: Social media is a core part of many peoples’ lives. These “free” platforms make massive profits by monetizing their users’ attention and their personal data. AI is a core part of how these platforms optimize their content to maximize the time that their users spend on them and the amount of targeted advertising that they are able to sell.
  • Facial Recognition: Facial recognition systems are a contentious topic as these systems are used by law enforcement and other organizations to automatically identify and track individuals. However, the AI behind these systems is extremely – and potentially unintentionally – biased by how they are made and trained.
  • Automated Content Creation: Trust in the digital world is driven by consensus. Articles supporting certain viewpoints and reviews or comments on pages can have a significant impact on peoples’ worldviews and how they respond to the content. Modern AI is increasingly capable of generating automated, “plausible” content and human pictures, making it possible to rapidly generate fake content or reviews about anything that looks like it came from a real human being.

These three topics will be the focus of the next few articles in this series. In each, we will dive into the details of how AI is used in each of these particular scenarios, what they do right, and where they go wrong.

AI and Cybersecurity

As we become more reliant on AI as part of our daily lives, it is also important to consider the security of AI systems. What makes an infosec AI system effective or ineffective? Is it possible to “hack” AI in ways beyond standard IT security?

The final two articles in this series will deal with the security of AI systems:

  • Hacking AI: AI systems are designed to learn and create their own decision-making models. This self-learning process, while essential to the growth and development of AI, also makes these systems vulnerable to exploitation.
  • Fixing AI: Implicit biases, underspecification, and deliberate exploitation can cause AI systems to learn to make the wrong decisions or to make decisions in the “wrong” way. Fixing and securing AI requires an understanding both of how it can be broken and the steps that can be taken to improve and secure it.

Protecting the AI-Driven Enterprise

Being “data driven” is a goal of most organizations, and AI systems are a crucial part of accomplishing this. As organizations continue to develop and deploy AI solutions, it is essential to understand the capabilities of AI and where things can go wrong.

This series dives into the modern use of AI. It explores how AI is used today, the risks and benefits to its creators and other parties, and the security considerations of AI-based systems.

AI Series Part 2 >

Blog Posts

Karen Huggins

Chief Financial, HR and Admin Officer
Karen joined the Netragard team in 2017 and oversees Netragard’s financial, human resources as well as administration functions. She also provides project management support to the operations and overall strategy of Netragard.
 
Prior to joining Netragard, she worked at RBC Investor Services Bank in Luxembourg in the role of Financial Advisor to the Global CIO of Investor Services, as well as several years managing the Financial Risk team to develop and implement new processes in line with regulatory requirements around their supplier services/cost and to minimize the residual risk to the organization.
 
With over 20 years of experience in finance with global organizations, she brings new perspective that will help the organization become more efficient as a team. She received her Bachelor of Finance from The Florida State University in the US and her Master of Business Administration at ESSEC Business School in Paris, France.

Philippe Caturegli

Chief Hacking Officer
Philippe has over 20 years of experience in information security. Prior to joining Netragard, Philippe was a Senior Manager within the Information & Technology Risk practice at Deloitte Luxembourg where he led a team in charge of Security & Privacy engagements.

Philippe has over 10 years of experience in the banking and financial sector that includes security assessment of large and complex infrastructures and penetration testing of data & voice networks, operating systems, middleware and web applications in Europe, US and Middle East.

Previously, Philippe held roles within the information system security department of a global pharmaceutical company in London. While working with a heterogeneous network of over 100,000 users across the world and strict regulatory requirements, Philippe gained hands-on experience with various security technologies (VPN, Network and Application Firewalls, IDS, IPS, Host Intrusion Prevention, etc.)

Philippe actively participates in the Information Security community. He has discovered and published several security vulnerabilities in leading products such as Cisco, Symantec and Hewlett-Packard.

He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), PCI Qualified Security Assessors (PCI-QSA), OSSTMM Professional Security Analyst (OPSA), OSSTMM Professional Security Tester (OPST), Certified in Risk and Information Systems Control (CRISC)and Associate Member of the Business Continuity Institute (AMBCI).

Adriel Desautels

Chief Technology Officer
Adriel T. Desautels, has over 20 years of professional experience in information security. In 1998, Adriel founded Secure Network Operations, Inc. which was home to the SNOsoft Research Team. SNOsoft gained worldwide recognition for its vulnerability research work which played a pivotal role in helping to establish today’s best practices for responsible disclosure. While running SNOsoft, Adriel created the zeroday Exploit Acquisition Program (“EAP”), which was transferred to, and continued to operate under Netragard.
 
In 2006, Adriel founded Netragard on the premise of delivering high-quality Realistic Threat Penetration Testing services, known today as Red Teaming. Adriel continues to act as a primary architect behind Netragard’s services, created and manages Netragard’s 0-day Exploit Acquisition Program and continues to be an advocate for ethical 0-day research, use and sales.
 
Adriel is frequently interviewed as a subject matter expert by media outlets that include, Forbes, The Economist, Bloomberg, Ars Technica, Gizmodo, and The Register. Adriel is often an invited keynote or panelist at events such as Blackhat USA, InfoSec World, VICELAND Cyberwar, BSides, and NAW Billion Dollar CIO Roundtable.