How to tame the “Wild West” of AI cyber attacks

If you’re following artificial intelligence news and ever thought of Skynet, you’re probably not alone.

It was 40 years ago when the science fiction of Terminator introduced the world to self-aware AI. Now, technology experts are trying to prevent AI-powered systems from taking over corporate networks.

In a revealing Q&A with leading security experts, NetApp Chief Technology Evangelist Matt Watts explored the current state of cyberthreats and how companies can prevent catastrophes. The NetApp panel included Ray White, head of AI Partners, and Mike Hommer, Partner Field CTO. 

“It’s the Wild, Wild West in the AI space,” said White. “There’s no known academic countermeasure to a deepfake today.”  

“A 3-second phone call and all of a sudden, they have your voice. They contact the help desk. They hack humans,” he said. “They gain access to the network. They escalate privileges. They sit, wait, and watch for bad things to happen. People are using GenAI to create malware.”  

White gave an explanation and real-life scenario of these new cyber threats – AI runtime manipulation, training data poisoning, and model theft.

• AI runtime manipulation: the dangers of real-time interference with your AI operations 

• Training data poisoning: ways in which your training data can be compromised 

• Model theft: how attackers can steal your trained AI models

Hommer recommended that companies think by design, and he described how to confidently protect, detect, and recover.

“We're not a security company, but we can absolutely participate in the conversation by giving teams a broader set of tools that extend deeper into the infrastructure so that the storage itself helps protect the data,” he said. 

What makes current ransomware attacks particularly insidious is that bad actors are using GenAI to create “flawless phishing emails” with perfect language. Gone are the days when you could spot odd words or expressions and know that something wasn’t right. 

It’s AI ransomware, which means you have to use AI to fight AI.  

“So this has been democratized now,” said Watts, pointing out the problems that that creates when you’re trying to beat back the scale of the attacks.  

Achieving autonomous cyber resilience is crucial to thwart ransomware threats at scale without increasing costs or expanding IT sprawl. You need new detection systems on your storage infrastructure that accurately discover threats in real time.  

An excellent approach is to use the built-in NetApp® Autonomous Ransomware Protection feature, now powered by AI (ARP/AI). It protects your data at the storage layer to safeguard your critical assets. That being said, no ransomware detection or recovery system can completely guarantee safety from a ransomware attack. Although it’s possible an attack might go undetected, NetApp technology acts as an important additional layer of defense. 

“When you think about AI, it’s really just a new workflow. It’s a new application,” Hommer said. “And with any security project, when you try to do it after the fact, that’s when you break things. Security is not just a checkbox.”  

Both Hommer and White pointed out that NetApp’s approach to security makes it easier for companies to implement strong measures out of the box, starting with a variety of industry-leading validations from the U.S. National Security Agency, Department of Defense, and others.  

In addition, the way the storage file system is built creates a hardened, bulletproof infrastructure behind the scenes, White said.  

What all of this means is that companies can confidently store and protect their data for AI deployments despite this evolving AI security landscape.   

For now, as long as you’re running NetApp, there’s no need to worry about Skynet. Click here to learn more about NetApp AI solutions.