With the proliferation of artificial intelligence (AI) technology shaping the digital world at an increasing pace, Gunter Ollmann, CSO of Microsoft’s Cloud and AI Security division, expects that the first examples of AI-driven malware will emerge in the next two to three years. He outlines 6 different capabilities of AI malware that should be relatively easy to develop:
- Automated compromise of systems and networks that does not require frequent communications between the malware and the command-and-control (C&C) server of the attacker.
- Identification of the most valuable data on compromised systems through data labeling and classification, which will involve machine learning (ML).
- Employment of conversational AI to participate in email and chat communications on compromised devices while masquerading as targeted users in order to socially engineer coworkers of victims.
- Use of AI-driven speech to text translation in order to capture valuable information from the environment that can be recorded with the microphone of a compromised machine.
- Use of embedded cognitive AI in order to determine various characteristics of victims and deploy payloads only if victims meet certain criteria.
- Creation of a “bio-profile” of users based on their behavioral characteristics in order to bypass advanced behavioral monitoring systems.
Read more: Get Ready for the First Wave of AI Malware
