Short answer to this question is Yes! Bruce Schneier(a fellow at the Berkman center for Internet and Society at Harvard University) said this in his paper of April 2021:
“One, AI systems will be used to hack us. And two, AI systems will themselves become hackers: finding vulnerabilities in all sorts of social, economic, and political systems, and then exploiting them at an unprecedented speed, scale, and scope,” Schneier said. “It’s not just a difference in degree; it’s a difference in kind. We risk a future of AI systems hacking other AI systems, with humans being little more than collateral damage.”
We have seen the headlines of company products which consist of AI programs. So Bruce Schneier is saying that attacking AI programs are going to say
“Hacking is as old as humanity. We are creative problem solvers. We are loophole exploiters. We manipulate systems to serve our interests. We strive for more influence, more power, more wealth. Power serves power, and hacking has forever been a part of that.
Still, no humans maximize their own interests without constraint. Even sociopaths are constrained by the complexities of society and their own contradictory impulses. They’re concerned about their reputation, or punishment. They have limited time. These very human qualities limit hacking.”
The Computer will learn how to hack and it will learn quickly, much faster than a human. So is it true as Mr. Schneier says that in 10 years (some of the research quoted in paper was in 2016) there will be advanced hacking AI’s to the point that if your defense is open you will be sunk in a morass of ransomware or a general hacking nightmare which we cannot fathom at this point?
Only 3 years from now? So what is it that we have to do? We have to create a systemic method of defending our systems.
Locate any trouble spots with a good log server system – and then have a method to update and patch your environment
I asked the Gab AI to create a “Robot computer AI hacking computers” here are 2(best) results:
What about when new problems arise? Like when Log4j vulnerabilities came, the difficulty came in finding everything that could possibly have log4j in it: Log4j has been fixed by Apache Foundations?
We have to learn how to set up a systemic defense – with the best programs possible. A next generation Firewall, with log server that indexes the logs of all systems and a patching method that does not miss any system.
Contact us to discuss