The softer side of non-traditional security, including cyber security, is getting more attention from the mass media, intelligence-related agencies, government departments, large multinationals, and other crucial stakeholders. The threats that traditionally endanger private sector transactions are increasingly appearing to endanger national security systems.
Even some seemingly harmless hacks are endangering real world security; for example, recent accusations of fake news production potentially affecting international relations and the outcomes of elections. These capabilities are now far beyond the usual common attempts at hacking like applying electronic graffiti on government webpages. They can endanger national security, regional relationships, international relations, and perhaps in the near future, even world peace.
Some in the intelligence community and private sector solutions providers are advocating artificial intelligence as a solution to resolving cyber security vulnerabilities. It appears commercially available anti-virus software solutions are becoming less potent against resourceful hacks. Even great firewalls can be surmounted with primitive tools.
Advocates argue that artificial intelligence is more attentive and precise in monitoring activities on the internet compared to human monitors. Their responses are also much faster than human operators and monitors of cyber security. In this sense, there are both potential pre-emptive and operational functions for artificial intelligence in tackling cyber security concerns. Artificial intelligence, if harnessed in an ethical and well-planned manner, can greatly improve human capabilities in cyber security.
Compared to humans, artificial intelligence and algorithms also have other advantages such as faster and speedier interception of information, more precise identification of human targets and threats, and faster interpretive capabilities when trying to make sense of large inventories and stocks of information.
As they are complex systems, they also have the potential for immense predictive and anticipative capabilities based on normative behaviors, large databases, statistical pools of information, and accessible information to dip into. Human operators are far more limited in their abilities to tap into such databases and interpret information within a short time, something possible for algorithms and artificial intelligence to achieve.
Many of these functions are beyond normal human capabilities and are only manageable by self-learning and self-adapting algorithms that have access to large databases. Predictive and anticipative behaviors can only be possible with such tools and artificial intelligence system. This can then facilitate scenario-planning, particularly for intelligence and security agencies in planning their operations and making decisions that can affect many lives.
States and law enforcement agencies are not the only groups and organizations using such technologies. Even well-funded groups operating outside the law with access to immense resources (e.g. criminal groups, terrorists, pirates, human traffickers, mobsters, mafia, anarchists, and hacker organizations) now have access to sophisticated tools. State-sponsored operations by rogue nations are larger in scale and more destructive in causing damage to public security and world peace.
Given that artificial intelligence algorithms can learn and operate on their own, they may be unpredictable and lead to unpredictable consequences.
There are incentives for such illegal groups to acquire technologies to breach national defenses or the cyber protection systems of large multinational corporations. Given that data mining is like gold mining of the past as such data and information can be sold to states, private enterprises, and other data miners for a tidy profit, these illegal groups are motivated and incentivized to move into such activities. Beyond theft, insertion of fake information and alterations of information systems infrastructure are even more sinister and dangerous.
The hope amongst the security community is the use of algorithm-operated software that can learn and pick out dissonance, detect breaches to cyber systems early and neutralize them to limit the damage they can do to data and information systems.
Some of these artificial intelligence solutions are modelled after biological functions of the human immune system. Other systems are designed to attack and neutralize intruders. Yet others can isolate or slow down attacks for appropriate solutions to emerge. Artificial intelligence is already applied in crucial human complex organizations like stock markets, climate predictive systems, weapons systems, and they are defenders against chaos and mishaps in these systems that can affect human civilization.
It is quite likely that artificial intelligence alone cannot resolve all cyber security challenges and it will require real world intelligence gathering and law enforcement combined with artificial intelligence solutions in order to tackle the challenges. Artificial intelligence is seen as the virtual equivalent of security agencies tackling real world challenges that include threats to the state like terrorist attacks, theft of confidential information, illegal data smuggling and sale of information, etc.
In this sense, training for human personnel to operate the systems as well as training for intelligence specialists on the ground to target illegal groups that operate such systems run in parallel and are equally important. Specialized training for technical personnel may be necessary if such training is not already offered in the tertiary institutions or standardized school systems of the user countries.
Besides technical training, awareness and preparatory training is also necessary for personnel using, guarding, and operating the security infrastructures to learn how to spot breaches, potential violations, and detect tell-tale signs so that these breaches in information systems can be reported earlier as well. It takes a combination of both human operators and artificial intelligence software to operate effective defenses against hackers.
Of course, there are also calls to guard the ethical use of artificial intelligence as the cyber defender is a double-edged sword and can also be used to attack states. Detractors are also worried that, given that artificial intelligence algorithms can learn and operate on their own, they may be unpredictable and lead to unpredictable consequences.
Another potential danger may be that rival artificial intelligence systems or algorithms may make decisions or carry out operations that can result in unintended consequences when they come into conflict with each other. Because these decisions are made in moments too fast for humans to spot or predict, humans are unable to detect something amiss or, if and when they do, it is too late for any corrective action.
Currently, in many countries, it is also not known clearly and unambiguously which state department has the responsibility to oversee the ethical use of artificial intelligence software or the department that is responsible for destroying the application or software if it goes haywire or if it is not needed anymore. Some detractors even argue that, if the consequences are unpredictable and if there are no safety backups in place, artificial intelligence should not be created in the first place.