Generative AI Attacks Require Dynamic Defense

with the change in type of attack, trying to use a scripted recipe from a different kind of attack for remediation is like trying to use a recipe with the wrong ingredients. Against this background our digital world has grown bigger, more complex, and more all-encompassing. In doing so, it has opened a large and growing opportunity for attacks. And, the damage that attacks can cause has also increased. Up until now, it has been primarily human attackers finding new types of attacks, and human defenders creating new sieves and recipes in response. Attackers have used automation to increase the number of attacks and speed with which they can deploy new ones. That has been a challenge for defenders. But, something of a balance has been achieved. 

Many argue it’s not a good balance, as demonstrated by the size of the financial cybersecurity losses, etc. But still, something of a balance.  Generative AI is fundamentally changing this balance, however. It has the ability to rapidly identify a very large number of new generic attack types. Plus, it can customize these for a particular target. The cost of each launch is relatively low. So, not every attack has to be successful -- that is, pay off. These attacks can be loaded into the automated attack systems and launched. As a result, the number and variability of attacks will accelerate dramatically. 

The result is a large number of attacks that change very rapidly – too rapidly for patterns to be identified and installed in today’s defensive tools. It will be extremely difficult for these systems to defend against these Generative AI attacks. It is similar to Covid-19 mutating faster than scientists could produce a vaccine, in order to fully protect against the spread of the disease.

These types of Generative AI created attacks can be characterized as dynamic. Because the attacks are ever-changing, an effective response can’t be easily anticipated and scripted. A different approach is necessary. One that can respond to the dynamic nature of the attacks.

Generative AI Attacks

Generative AI is on a rapidly accelerating course. There are attempts to control it so that it’s not used for nefarious purposes. But, there are also well documented ways of bypassing those controls. Attackers now have these new Generative AI “bombs” used to attack information systems.

This is occurring rapidly. So quickly that at RSA (the largest cybersecurity conference held annually in San Francisco) this year, there were no presentations on the above threats as detailed. But the conversations in the hallways were dominated by them. That means that in the few months before the conference while people were preparing their formal presentations, the threat was not fully recognized. But when the few people who understood it started talking about the threat in the hallways, it spread like wildfire.

Generative AI Can’t Defend Against Generative AI

Some defenders will try to use Generative AI to defend and this may set off an arms race. But, defending Generative AI’s will always be at a disadvantage no matter how powerful and fast they are. This is because many of the Generative AI attacks will be targeting the network edge or the middle. The defending Generative AI in a data center will have to:

1. Gather information at the point of attack (network edge, middle, etc.);
2. Deliver it to the Generative AI to be combined with large amounts of data from other parts of the network (collection and handling of this amount of data will be time-consuming);
3. Process all of the data to locate, identify, and characterize the attack;
4. Determine the correct remediation for that attack;
5. Finally, transmit instructions to the network edge or middle to perform remediation.

The time inherent in these steps will give the attacker enough time to achieve the attack’s objective. It is a fundamental latency problem that, for technical reasons, the data center Generative AI’s will not be able to overcome. On top of this, experts in