人工智能對(duì)網(wǎng)絡(luò)威脅的近期影響(英文版)_第1頁
人工智能對(duì)網(wǎng)絡(luò)威脅的近期影響(英文版)_第2頁
人工智能對(duì)網(wǎng)絡(luò)威脅的近期影響(英文版)_第3頁
人工智能對(duì)網(wǎng)絡(luò)威脅的近期影響(英文版)_第4頁
人工智能對(duì)網(wǎng)絡(luò)威脅的近期影響(英文版)_第5頁
已閱讀5頁,還剩11頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請(qǐng)進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡(jiǎn)介

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

Thenear-termimpactofAIonthecyberthreat

AnNCSCassessmentfocusingonhowAIwillimpacttheefficacyofcyber

operationsandtheimplicationsforthecyberthreatoverthenexttwoyears.

UKCyberPolicycomment

DuringtheBletchleyAISafetySummitinNovember2023,internationalleaderscame

togethertodiscussthevastpotentialofAImodelsinpromotingeconomicgrowth,

propellingscientificadvances,andprovidingawiderangeofpublicbenefits.TheyalsounderscoredthesecurityrisksthatcouldarisefromtheirresponsibledevelopmentanduseofAItechnologies.TheUKgovernmentisevaluatingandaddressingthepotentialthreatsandrisksassociatedwithAI.

WhileitisessentialtofocusontherisksposedbyAI,wemustalsoseizethesubstantialopportunitiesitpresentstocyberdefenders.Forexample,AIcanimprovethedetectionandtriageofcyberattacksandidentifymaliciousemailsandphishingcampaigns,

ultimatelymakingthemeasiertocounteract.

TheSummitDeclarationhighlightedtheimportanceofensuringthatAIisdesigned,

developed,deployed,andusedinamannerthatissafe,human-centric,trustworthy,andresponsibleforthebenefitofall.TheNCSCcontinuestoworkwithinternationalpartnersandindustrytoprovideguidanceonthesecuredevelopmentanduseofAI,sothatwe

canrealisethebenefitsthatAIofferstosociety,publishing

GuidelinesforSecureAI

SystemDevelopment

inNovember2023.

NCSCAssessment

NCSCAssessment(NCSC-A)istheauthoritativevoiceonthecyberthreattotheUK.Wefuseall-sourceinformation–classifiedintelligence,industryknowledge,academicmaterialandopensource–toprovideindependentkeyjudgementsthatinformpolicydecisionmakingandimproveUKcybersecurity.Wework

closelywithgovernment,industryandinternationalpartnersforexpertinputintoourassessments.

.uk/report/impact-of-ai-on-cyber-threat

1/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

NCSC-AispartoftheProfessionalHeadsofIntelligenceAssessment(PHIA).PHIA

leadsthedevelopmentoftheprofessionthroughanalyticaltradecraft,professionalstandards,andbuildingandsustainingacross-governmentcommunity.

Thisreportusesformalprobabilisticlanguage(seeyardstick)fromNCSC-A

producttoinformreadersaboutthenear-termimpactonthecyberthreatfromAI.TolearnmoreaboutNCSC-A,pleasecontact

enquiries@.uk

.

Howlikelyisa'realisticpossibility'?

ProfessionalHeadofIntelligenceAssessment(PHIA)probabilityyardstick

NCSCAssessmentusesthePHIAprobabilityyardstickeverytimewemakeanassessment,judgement,orprediction.Thetermsusedcorrespondtothe

likelihoodrangesbelow:

Keyjudgements

·Artificialintelligence(AI)willalmostcertainlyincreasethevolumeandheightentheimpactofcyberattacksoverthenexttwoyears.However,theimpactonthecyberthreatwillbeuneven(

seetable1

).

.uk/report/impact-of-ai-on-cyber-threat

2/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

·Thethreatto2025comesfromevolutionandenhancementofexistingtactics,techniquesandprocedures(TTPs).

·Alltypesofcyberthreatactor–stateandnon-state,skilledandlessskilled

–arealreadyusingAI,tovaryingdegrees.

·AIprovidescapabilityupliftinreconnaissanceandsocialengineering,

almostcertainlymakingbothmoreeffective,efficient,andhardertodetect.

·MoresophisticatedusesofAIincyberoperationsarehighlylikelytobe

restrictedtothreatactorswithaccesstoqualitytrainingdata,significantexpertise(inbothAIandcyber),andresources.Moreadvancedusesareunlikelytoberealisedbefore2025.

·AIwillalmostcertainlymakecyberattacksagainsttheUKmoreimpactful

becausethreatactorswillbeabletoanalyseexfiltrateddatafasterandmoreeffectively,anduseittotrainAImodels.

·AIlowersthebarrierfornovicecybercriminals,hackers-for-hireand

hacktiviststocarryouteffectiveaccessandinformationgathering

operations.Thisenhancedaccesswilllikelycontributetotheglobalransomwarethreatoverthenexttwoyears.

·Movingtowards2025andbeyond,commoditisationofAI-enabledcapabilityincriminalandcommercialmarketswillalmostcertainlymakeimproved

capabilityavailabletocybercrimeandstateactors.

Context

ThisassessmentfocusesonhowAIwillimpacttheeffectivenessofcyber

operationsandtheimplicationsforthecyberthreatoverthenexttwoyears.It

doesnotaddressthecybersecuritythreattoAItools,northecybersecurityrisksofincorporatingthemintosystemarchitecture.

TheassessmentassumesnosignificantbreakthroughintransformativeAIinthistimeperiod.Thisassumptionshouldbekeptunderreview,asanybreakthrough

couldhavesignificantimplicationsformalwareandzero-dayexploitdevelopmentandthereforethecyberthreat.

.uk/report/impact-of-ai-on-cyber-threat

3/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

TheimpactofAIonthecyberthreatwillbeoffsetbytheuseofAItoenhance

cybersecurityresiliencethroughdetectionandimprovedsecuritybydesign.

MoreworkisrequiredtounderstandtheextenttowhichAIdevelopmentsincybersecuritywilllimitthethreatimpact.

Assessment

1.TheimpactofAIonthecyberthreatisuneven;bothintermsofitsusebycyberthreatactorsandintermsofupliftincapability.

2.Table1:ExtentofcapabilityupliftcausedbyAIovernexttwoyears.

.uk/report/impact-of-ai-on-cyber-threat

4/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

Highlycapable

statethreatactors

Capablestateactors,commercialcompaniessellingtostates,

organisedcybercrime

groups

Less-skilledhackers-for-hire,opportunisticcybercriminals,

hacktivists

Intent

High

High

Opportunistic

Capability

HighlyskilledinAIandcyber,wellresourced

Skilledincyber,someresourceconstraints

Novicecyberskills,limitedresource

Reconnaissance

Moderateuplift

Moderateuplift

Uplift

Social

engineering,phishing,

passwords

Uplift

Uplift

Significantuplift(fromlowbase)

Tools(malware,exploits)

Realisticpossibilityofuplift

Minimaluplift

Moderateuplift(fromlowbase)

Lateralmovement

Minimaluplift

Minimaluplift

Nouplift

Exfiltration

Uplift

Uplift

Uplift

Implications

Bestplacedto

harnessAI'spotentialinadvancedcyber

operationsagainst

networks,forexampleuseinadvanced

malwaregeneration.

Mostcapabilityupliftinreconnaissance,socialengineeringand

exfiltration.WillproliferateAI-enabledtoolstonovicecyberactors.

Lowerbarriertoentrytoeffectiveandscalableaccessoperations-

increasingvolumeof

successfulcompromise

ofdevicesandaccounts.

KEY:MINIMALUPLIFT囚MODERATEUPLIFT囚UPLIFT囚SIGNIFICANTUPLIFT

3.AIwillprimarilyofferthreatactorscapabilityupliftinsocialengineering.

GenerativeAI(GenAI)canalreadybeusedtoenableconvincinginteractionwithvictims,includingthecreationofluredocuments,withoutthe

translation,spellingandgrammaticalmistakesthatoftenrevealphishing.Thiswillhighlylikelyincreaseoverthenexttwoyearsasmodelsevolveanduptakeincreases.

.uk/report/impact-of-ai-on-cyber-threat

5/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

4.AI’sabilitytosummarisedataatpacewillalsohighlylikelyenablethreatactorstoidentifyhigh-valueassetsforexaminationandexfiltration,

enhancingthevalueandimpactofcyberattacksoverthenexttwoyears.

5.Threatactors,includingransomwareactors,arealreadyusingAItoincreasetheefficiencyandeffectivenessofaspectsofcyberoperations,suchas

reconnaissance,phishingandcoding.Thistrendwillalmostcertainly

continueto2025andbeyond.Phishing,typicallyaimedeitheratdelivering

malwareorstealingpasswordinformation,playsanimportantrolein

providingtheinitialnetworkaccessesthatcybercriminalsneedtocarryoutransomwareattacksorothercybercrime.Itisthereforelikelythatcyber

criminaluseofavailableAImodelstoimproveaccesswillcontributetotheglobalransomwarethreatinthenearterm.

6.AIislikelytoassistwithmalwareandexploitdevelopment,vulnerability

researchandlateralmovementbymakingexistingtechniquesmore

efficient.However,inthenearterm,theseareaswillcontinuetorelyon

humanexpertise,meaningthatanylimitedupliftwillhighlylikelyberestrictedtoexistingthreatactorsthatarealreadycapable.AIhasthepotentialto

generatemalwarethatcouldevadedetectionbycurrentsecurityfilters,butonlyifitistrainedonqualityexploitdata.Thereisarealisticpossibilitythat

highlycapablestateshaverepositoriesofmalwarethatarelargeenoughtoeffectivelytrainanAImodelforthispurpose.

7.Cyberresiliencechallengeswillbecomemoreacuteasthetechnology

develops.To2025,GenAIandlargelanguagemodels(LLMs)willmakeit

difficultforeveryone,regardlessoftheirlevelofcybersecurity

understanding,toassesswhetheranemailorpasswordresetrequestis

genuine,ortoidentifyphishing,spoofingorsocialengineeringattempts.Thetimebetweenreleaseofsecurityupdatestofixnewlyidentified

vulnerabilitiesandthreatactorsexploitingunpatchedsoftwareisalreadyreducing.Thishasexacerbatedthechallengefornetworkmanagersto

patchknownvulnerabilitiesbeforetheycanbeexploited.AIishighlylikelytoacceleratethischallengeasreconnaissancetoidentifyvulnerabledevicesbecomesquickerandmoreprecise.

8.Expertise,equipment,timeandfinancialresourcingarecurrentlycrucialtoharnessmoreadvancedusesofAIincyberoperations.Onlythosewho

.uk/report/impact-of-ai-on-cyber-threat

6/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

investinAI,havetheresourcesandexpertise,andhaveaccesstoqualitydatawillbenefitfromitsuseinsophisticatedcyberattacksto2025.Highlycapablestateactorsarealmostcertainlybestplacedamongstcyber

threatactorstoharnessthepotentialofAIinadvancedcyberoperations.Otherstateactorsandmostcommercialcompaniesthatoffercapabilitytostatesworldwidewillgainmoderatecapabilityupliftoverthenext

eighteenmonthsinsocialengineering,reconnaissanceandexfiltration.Capableandestablishedcriminalgroupsarealsolikelytohaveenoughtrainingdataandresourcetogainsomeuplift.

9.However,itisarealisticpossibilitythatthesefactorsmaybecomeless

importantovertime,asmoresophisticatedAImodelsproliferateand

uptakeincreases.PubliclyavailableAImodelsalreadylargelyremovethe

needforactorstocreatetheirownreplicatechnologies,especiallyinlow-sophisticationoperationssuchasspear-phishing.Less-skilledcyberactorswillalmostcertainlybenefitfromsignificantcapabilityupliftsinthistypeofoperationto2025.Commoditisationofcybercrimecapability,forexample‘a(chǎn)s-a-service’businessmodels,makesitalmostcertainthatcapable

groupswillmonetiseAI-enabledcybertools,makingimprovedcapabilityavailabletoanyonewillingtopay.

10.To2025,trainingAIonqualitydatawillremaincrucialforitseffectiveuseincyberoperations.Thescalingbarriersforautomatedreconnaissanceof

targets,socialengineeringandmalwareareallprimarilyrelatedtodata.Butto2025andbeyond,assuccessfulexfiltrationsoccur,thedatafeedingAIwillalmostcertainlyimprove,enablingfaster,moreprecisecyberoperations.

11.Increasesinthevolumeandheightenedcomplexityandimpactofcyber

operationswillindicatethatthreatactorshavebeenabletoeffectively

harnessAI.ThiswillhighlylikelyintensifyUKcyberresiliencechallengesintheneartermforUKgovernmentandtheprivatesector.

Glossary

Artificialintelligence

.uk/report/impact-of-ai-on-cyber-threat

7/8

3/4/24,11:35AMThenear-termimpactofAIonthecyberthreat-NCSC.GOV.UK

Computersystemswhichcanperformtasksusuallyrequiringhumanintelligence.Thiscouldin

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請(qǐng)下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請(qǐng)聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會(huì)有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲(chǔ)空間,僅對(duì)用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對(duì)用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對(duì)任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請(qǐng)與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對(duì)自己和他人造成任何形式的傷害或損失。

評(píng)論

0/150

提交評(píng)論