China-backed hackers caused a lot of trouble for US companies in 2023. And they’re expected to continue their aggressive behavior in 2024- especially due to the upcoming presidential election. While cybersecurity experts have already warned hackers are using AI and machine learning to bypass firewalls, the US National Security Agency (NSA) believes AI could also be used as a tool to hunt down bad actors.
Speaking at Fordham University in New York on Tuesday, the NSA director of cybersecurity, Rob Joyce, confirmed state-backed hackers utilize AI to level up their attacks and target high-profile companies. As Techcrunch reports, Joyce added AI is helping them find and hunt down hackers. “…AI, machine learning [and] deep learning is absolutely making us better at finding malicious activity,” he noted.
NSA oversees and hunts down China state-backed hackers with AI
The NSA official didn’t mention which cyber attacks on the US were state-backed and which one of them involved AI. However, he alluded to the recent China-based hacker attacks as an example of how artificial intelligence is helping the US to repel cyber attacks on its infrastructures.
“They’re in places like electric, transportation pipelines, and courts, trying to hack in so that they can cause societal disruption and panic at the time in place of their choosing,” Joyce noted.
According to Joyce, Chinese hackers exploit vulnerabilities to access a system and pretend to be an authorized user. Meanwhile, the US uses machine learning, big data, and AI to detect and monitor malicious activities. This is mainly because bad actors don’t behave like regular operators. Joyce says this gives the upper hand to the US. The NSA official says AI won’t be a magical tool. But it makes “those that use AI more effective and more dangerous.”
Joyce also noted that less capable hackers utilize AI to overcome their technical weaknesses. Additionally, AI is helping hackers craft more professional English text in cases like phishing emails.
The upcoming US presidential election certainly catches the eyes of state-backed hackers from China and Russia. After targeting Microsoft email servers in July, a Chinese hacking group has recently targeted a US research organization.