Widely used in optimizing data analysis, logistics, and decision-making, artificial intelligence (AI) has permeated all fields, including the military . On the battlefield, the most prominent application to date, recently demonstrated with devastating effectiveness in Russia and Ukraine, is in unmanned aerial vehicles (UAVs). AI is used in everything from quadcopters acting as suicide weapons to transport systems capable of firing multiple missiles and returning for resupply like manned aircraft.
Once the subject of science fiction, the prospect of future battles between robot-enhanced human soldiers and supporting drones (single or in swarms) is now not only feasible but highly probable. AI will undoubtedly play an increasingly important role in future conflicts and heralds a potential revolution in the military field.
The rise of generative artificial intelligence
The surge in public awareness of AI is largely due to the recent emergence of powerful generative artificial intelligence (GenAI), driven by advances in processing speed and deep learning models, enabling GenAI applications to become increasingly robust and affordable.
Unlike discriminative AI, which typically focuses on predicting what type of new data it is, GenAI can synthesize entirely new data.
However, alongside GenAI, we see ongoing advancements in discerning/predictive artificial intelligence, which is central to both AI-based automation and cybersecurity. Predictive AI has been the cornerstone of cyber threat research and response for over a decade, and FortiGuard Labs (Fortinet's threat research arm) gathers actionable threat intelligence from the billions of pieces of security data they collect daily.
Cyber threats are increasing in both number and variety.
Unlike discriminatory AI, which typically focuses on predicting what type of new data it is, GenAI can synthesize entirely new data, including text, images, and, most importantly in this context, computer code. Therefore, GenAI has the potential to simplify software development, increase the number of vulnerabilities exploited by malicious actors from the current level of less than 5% of the total number of vulnerabilities, and even expand the diversity of attacks.
Furthermore, GenAI can generate code much faster than human programmers, potentially bridging the gap between the public disclosure of new vulnerabilities and the emergence of malware to exploit them.
Therefore, while typically customers might have several days or even weeks to apply vendor-created patches or temporary solutions to newly discovered vulnerabilities, with GenAI, we can see actual vulnerability exploitation attacks in just hours or even minutes. Furthermore, attackers can use GenAI to quickly analyze new patches and security response tactics, and create new variations to evade or defeat them.
In addition to being used in programming exploit attacks, GenAI is also being used to increase the credibility of phishing and other technical attacks, creating increasingly convincing fake text, voice, and even video interactions.
Even the process of identifying the most lucrative potential victims and mapping their networks—the reconnaissance phase of cybercriminals—is being transformed by AI, increasing the scope, speed, and accuracy of pre-attack checks and assessments of potential targets.
Intelligent and automated cybersecurity – Is it enough?
Of course, in addition to enabling malicious cyber actors to search for vulnerabilities, AI is also used to find bugs and mitigate potential security flaws in legitimate software. This is especially important when developers use open-source software modules and other third-party software in their software supply chain.
Therefore, an increasing number of cybersecurity solutions, including those from Fortinet, have been using AI to help identify vulnerabilities and prioritize their remediation. Similarly, with the growing volume of security data as the number of digitally connected devices and applications continues to increase, security teams (which are already understaffed due to a global skills shortage) can now leverage AI-based automation to analyze massive amounts of raw data from across their networks, thereby identifying and implementing the most appropriate response to unusual or malicious activity.
Traditional, fragmented cybersecurity solutions, designed to protect against specific types of threats, often fail to prevent more sophisticated, multi-pronged attacks. Therefore, solutions that utilize artificial intelligence (AI) to help link breach signatures from multiple data sources and integrate defensive actions across different security solutions will be better able to counter AI-powered attackers.
However, despite the numerous and obvious advantages of AI-based cybersecurity, another, more dangerous problem lurks beneath the surface. Even if patches for known software vulnerabilities are provided to users of those products, the patches must be applied to be effective. The term "N-day vulnerability" refers to the number of days (N) since a vulnerability was disclosed and a patch was released, and many users do not apply the patches in time—or not apply them at all. An attacker doesn't need to develop a new vulnerability (Zero Day) when lucrative targets don't apply existing patches to address known vulnerabilities. AI can help businesses manage vulnerabilities, identify vulnerabilities, and even apply patches, but currently too few organizations utilize such tools.
The road ahead
AI will change the world. To harness the power of AI for good, optimizing autonomy and automation on the digital battlefield with robust and adaptive cybersecurity will be essential. But only through collaboration across industries, governments, and agencies can we address the scale and complexity of the current AI threat landscape.
Security companies like Fortinet continue to innovate and deploy AI-enhanced solutions to the market, enabling governments to focus on the technically challenging national security risks and the rapidly changing landscape of AI-driven automation, while leveraging commercial cybersecurity capabilities.
Organizations should choose security partners with extensive experience in artificial intelligence innovation (both generative and predictive) and a commitment to the principle of “Security from the design stage.” Robust security must be an integral part of the entire lifecycle of IT products and services, from initial design to final deployment.
Jim Richberg
Source: https://doanhnghiepvn.vn/cong-nghe/su-troi-day-cua-tri-tue-nhan-tao-tao-sinh/20251230092443211
Comment (0)