Skip to content

Security Showdown: AI Could Help Counter Cyberattacks

But Artificial Intelligence could also leave a lot of IT workers without jobs.

MUMBAI, India — Artificial Intelligence could play a major role in fighting cybercrime and could also leave a lot of IT leaders out of work by 2030, a new report says.

A survey by cloud security firm Trend Micro found that AI could be used to counter cyberattacks, but with limitations.

“AI can significantly help reduce the burden on manpower by doing all the heavy lifting and identifying only the events of interest that a human operator can then triage and investigate,” said Bharat Mistry, technical director UK and Ireland, at Trend Micro.

He believes that AI would have the ability to automatically identify, contain and fix potential breaches, but would still need a human touch at some point.

Bug bounty hunter and CEO of cybersecurity firm AppSecure, Anand Prakash, concurs.

“Adapting AI according to the changing cybersecurity landscape is not that easy and will require a lot of new data to understand the underlying systems and what vulnerabilities can arise,” Prakash said. He noted that, “manual human intervention will always be needed, although to a lesser extent than it is now.”

Just as AI will speed up identifying and fixing cybersecurity breaches, it will also be exploited by cybercriminals to automate and accelerate their activities as well, those in the field say.

Trend Micro found that around 19 percent of the IT leaders it surveyed believe it will be common for cybercriminals to exploit AI to launch cyberattacks.

The survey on the future of IT jobs was conducted with over 500 IT directors and managers, as well as chief information officers and chief technology officers from the UK.

Around 41 percent of those surveyed believe that AI would replace their jobs, and 32 percent were confident that AI would automate all cybersecurity tasks with little need for human intervention.

Mistry, the technical director at Trend Micro, said that innovation is a double-edged sword in that it could be used for purposes it was never intended for.


“As an example,” Mistry said, “Trend Micro currently uses AI for writing style analysis to help determine if an email was written by the actual person or by someone else who compromised the account. In the wrong hands, I can foresee this technology being used to impersonate the writing style of someone senior in an organization for nefarious purposes.”

The problem of cybercrimes is accentuated by the dearth of cybersecurity professionals.

“Seventy percent of cybersecurity professionals claim that their organization is impacted by the cybersecurity skills shortage,” said Jon Oltsik, senior principal analyst at Enterprise Strategy Group, quoting a report by ESG and the Information Systems Security Association.

The Data Security Council of India projected in 2015 that the country needed 1 million cybersecurity professionals by 2020, but to date there is only one-tenth of that number in the country.

Covid and cybersecurity

Since March 2020, companies have been forced to reevaluate their security strategy as many professionals have been working from home due to lockdowns during the pandemic. A number of companies required workers to use virtual private networks or VPNs, which offer online privacy and anonymity by creating a private network from a public internet. The use of VPNs exploded, with one provider, NordVPN, reporting a 165 percent spike in users due to more people working from home.

Prakash said that a lot of companies that were facing bandwidth issues started opening up internal applications and servers to its remote users, in some cases without a VPN.

“This enabled hackers to scan more assets, and they started gaining more information about companies. Some companies didn’t even use VPN, but simply did office IP address whitelisting, etc.,” said Prakash.  IP address whitelisting is an approved list of IP addresses and/or domains that have permission to access your domain, and is only for trusted users.

Without greater cybersecurity measures, home networks could more easily be the launch points for cybercrime, with computers being hijacked and access to corporate data gained.

Representational images of computer motherboard.(Michael Dziedzic/Unsplash)

Another report by Trend Micro, with its predictions for 2021, states that remote and cloud-based systems will be the main target for cybercriminals.

“Malicious actors will either take advantage of installed software or ‘wormable’ unpatched vulnerabilities — hopping from one remote worker’s machine to another until it finds a suitable target,” the report states.

“Employees who remotely access confidential and critical information (e.g., human resources, sales and tech support) will also be actively targeted by data-stealing attacks in 2021. A lack of an intrusion detection system or a firewall in place, coupled with high-speed internet bandwidth, will make it especially easy for threat actors to move from one corporate network to the next.”

With 5G set to become mainstream in a couple of years and likely widespread use of the Internet of Things devices, cybercriminals are bound to get bolder, the report states.

Prakash said that organizations need to look beyond traditional security and compliance methods.

“In 2020, big consumer-facing Indian companies such as BigBasket, Dunzo, Unacademy, among others, got hacked,” Prakash said. “The realization is finally dawning that if you want to prevent hackers from attacking your systems, you have to start thinking like hackers.”   

(Edited by Namrata Acharya and Judith Isacoff.)

Recommended from our partners