Attacks by malicious hackers using artificial intelligence could swamp smaller companies that are already overwhelmed by cybercrime, experts warned lawmakers during a congressional hearing Tuesday. Testifying before the House Homeland Security and Governmental Affairs subcommittee on cybersecurity and infrastructure protection, experts from the private sector discussed AI-related threats, including increased efficiency for malicious hackers to develop malware, spread disinformation and elevate the scale of attacks at a time when smaller businesses are constantly being impacted by hacks. Bringing up the famous and complex Stuxnet virus that took down the Iranian nuclear plant, Alex Stamos, chief trust officer at SentinelOne, said that developing the worm required a substantial amount of resources. With AI, Stamos warned, such operations could become less costly for attackers. “My real fear is that we’re going to have AI-generated malware that won’t need that,” Stamos said. “That if you drop it inside of an air gap network in a critical infrastructure network, it will be able to intelligently figure out, ‘Oh, this bug here, this bug here and take down the power grid even if you have an air gap.’” Stamos also noted that in recent years, criminal cybercrime groups have become “professionalized” with the technical sophistication that one would expect from nation-backed hackers. “The truth is, we’re not doing so hot,” Stamos said. “We’re kinda losing.” Small and medium businesses, Stamos said, are “not ready to play at that level.” He advocated for moving those smaller players to the cloud so there is less responsibility on individual organizations and more “collective defense.”
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.