Developing effective malware is neither easy nor quick; it takes skill and experience. Hackers are often IT experts, using in depth knowledge of computers and networks to build brand new viruses and exploits.
Computers themselves are becoming smarter however. Technologies like machine learning (ML) and artificial intelligence (AI) allow developers to build applications that can “think” and adapt as circumstances change. By analysing data, these systems can spot patterns and use that knowledge to automate actions – without human intervention.
But where scientists are using ML and AI to diagnose cancer or identify manufacturing faults automatically, hackers are using it to develop new malware and advanced cyberattack techniques.
Moving beyond automation
Malware that extends its own capabilities is nothing new. The Olympic Destroyer malware would update its own source code as it harvested user credentials from compromised computers. Those passwords could then be used to break into other computers, allowing the infection to spread across the network.
Undoubtedly clever, but Olympic Destroyer could only follow the instructions written in its source code. It never actually evolved or developed any new capabilities as it spread.
Self-learning malware
When misused, artificial intelligence could be used to build self-learning malware capable of completely modifying its activities as it spreads. This type of virus would be able to analyse security defences and develop its own methods for exploiting vulnerabilities, constantly updating as it learns more about the target environment.
With the ability to change its activities, self-learning malware would be much harder to detect – particularly as it could learn how to defeat some anti-malware tools.
This kind of computer virus sounds like a science fiction movie – but one influential industry analyst is already predicting that self-learning malware will cause a major security breach by 2024.
How worried should I be?
There is little evidence of AI-powered malware in the wild – for now. Basic security vulnerabilities (weak passwords, unpatched software, ineffective firewalls) make it much easier for hackers to break into systems, so there’s no need for them to use advanced technologies like artificial intelligence – yet.
Self-learning malware will change the way we respond to infections too. Where traditional anti-malware tools detect the specific ‘signature’ of a computer virus, self-learning malware needs a different approach. In future, anti-malware will also need to apply machine learning techniques to monitor and learn normal system activity. It can then identify and block suspicious activity, rather than the malware itself.
Security providers are already one step ahead
Better yet, this self-learning anti-malware technology already exists and is being used by providers like Panda Security to protect customers.