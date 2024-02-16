



The so-called cybersecurity defender's dilemma is that good people are always running, running, and always on guard, while attackers only need one small opportunity to break through and do real damage. Masu.

But Google says defenders need to leverage advanced AI tools to break this exhausting cycle.

To help with this, the tech giant today announced a new AI cyber defense initiative and made several AI-related promises ahead of the Munich Security Conference (MSC), which kicks off tomorrow (February 16). Ta.

The announcement comes a day after Microsoft and OpenAI released research into the adversarial use of ChatGPT and made their own pledges to support the safe and responsible use of AI.

As government leaders from around the world gather to discuss international security policy at the MSC, it's clear that these AI stalwarts are looking to demonstrate their assertiveness when it comes to cybersecurity.

Google said in a blog post today that the AI ​​revolution is already underway. We are excited about the potential of AI to solve generational security challenges while moving us closer to the safe, secure, and trusted digital world we deserve.

More than 450 senior decision makers, thought and business leaders will gather in Munich to discuss topics including technology, transatlantic security and world order.

The MSC said on its website that technology is increasingly permeating every aspect of how nations, societies and individuals pursue their interests, and the conference will focus on technology regulation, governance, inclusive security and global security. The aim is to advance discussions on its use to foster global cooperation, it added.

AI is undoubtedly a top priority for many global leaders and regulators, who are keen not only to understand the technology but also to pre-empt its use by malicious actors.

As events unfold, Google is investing in AI-enabled infrastructure, releasing new tools for defenders, and launching new research and AI security training.

Today, the company is announcing a new AI for Cybersecurity cohort of 17 startups from the US, UK, and European Union under the Google for Startups Growth Academy's AI for Cybersecurity program.

This will strengthen the transatlantic cybersecurity ecosystem with internationalization strategies, AI tools, and skills to use them, the company said.

Google also:

Expanding the $15 million Google.org cybersecurity seminar program across Europe to help develop cybersecurity professionals in underserved communities. Open-source Magika is a new AI-powered tool aimed at assisting defenders with file type identification, which is critical to malware detection. According to Google, the platform outperforms traditional file identification methods, delivering 30% more accuracy and up to 95% more accuracy for often difficult-to-identify content such as VBA, JavaScript, and Powershell. That's what it means. $2 million in research grants to support AI-based research initiatives at the University of Chicago, Carnegie Mellon University, Stanford University, and more. The goal is to improve code validation, improve understanding of the role of AI in cyber attack and defense, and develop more threat-resistant large-scale language models (LLMs).

Google also mentioned its Secure AI Framework, which it launched last June to help organizations around the world collaborate on best practices for securing AI.

We believe that AI security technology, like any other technology, should be secure by design and by default.

Ultimately, Google emphasizes that the world needs targeted investments, industry-government partnerships, and effective regulatory approaches to maximize the value of AI while limiting its use by attackers. doing.

AI governance choices made today could unintentionally change the landscape of cyberspace, the company wrote. Our society needs a balanced regulatory approach to the use and deployment of AI to avoid a future where attackers can innovate but defenders cannot.

Microsoft, OpenAI fights malicious use of AI

Meanwhile, Microsoft and OpenAI noted in a joint announcement this week that attackers are increasingly viewing AI as another productivity tool.

Specifically, OpenAI announced that it had suspended accounts associated with five state-sponsored threat actors: China, Iran, North Korea, and Russia. These groups used ChatGPT to:

Debug code and generate scripts Create content that can be used in phishing campaigns Translate technical papers Obtain public information about vulnerabilities and multiple intelligence agencies Common ways malware evades detection Explore how to conduct open source research on satellite communication protocols and radar imaging technology

However, the company was quick to point out that the findings show that our model offers only limited and incremental capabilities for malicious cybersecurity tasks.

Both companies have committed to ensuring the safe and responsible use of technology, including ChatGPT.

For Microsoft, these principles include:

Identify and address malicious actor usage, including disabling accounts and terminating services. Notify other AI service providers and share relevant data. Collaborate with other stakeholders on the use of AI by threat actors. Inform the public about the use of AI detected in your system and the actions taken against it.

Similarly, OpenAI pledges to:

Monitor and thwart malicious nation-state actors. This includes determining how malicious actors are interacting with your platform and assessing their broader intent. Align and collaborate with the AI ​​ecosystem. Provide transparency to the public about the nature and scope of, and actions taken against, the use of AI by malicious state-related actors.

In a detailed report released today, Google's threat intelligence team said it tracked thousands of malicious actors and malware families and found:

Attackers continue to specialize in their operations and programs Offensive cyber capabilities have become a top geopolitical priority Threat actor groups' tactics routinely circumvent standard regulations Unprecedented developments such as Russia's invasion of Ukraine have given cyber operations a significant role in war for the first time.

Researchers also assess with high confidence that the Big Four – China, Russia, North Korea, and Iran – continue to pose significant risks across regions and sectors. For example, China is investing heavily in offensive and defensive AI to counter the United States, as well as tackling theft of personal data and intellectual property.

Google notes that attackers are using AI for social engineering and information manipulation, among other things, by developing ever more sophisticated phishing, SMS and other decoy tools, fake news and deepfakes. There is.

As AI technology evolves, we believe it has the potential to significantly increase malicious operations, the researchers wrote. Governments and industry must scale up to respond to these threats with strong threat intelligence programs and strong collaboration.

Reversing the defender's dilemma

Meanwhile, Google notes that AI supports defenders' efforts in vulnerability detection and remediation, incident response, and malware analysis.

For example, AI can quickly summarize threat intelligence and reports, summarize incident investigations, and explain suspicious script behavior. Similarly, categorize malware to prioritize threats, identify security vulnerabilities in code, simulate attack paths, monitor control performance, and assess risk of early failure. I can.

Additionally, Google says AI will enable non-technical users to generate queries from natural language. Develop security orchestration, automation, and response playbooks. Create identity and access management (IAM) rules and policies.

For example, Google's detection and response team uses Gen AI to create incident summaries, ultimately saving more than 50% of their time and delivering high-quality results in their incident analysis output.

The company also improved its spam detection rate by approximately 40% with its new multilingual neuro-based text processing model, RETVec. The company's Gemini LLM also fixed 15% of bugs discovered by sanitizer tools, increased code coverage by up to 30% across more than 120 projects, and led to the discovery of new vulnerabilities.

Google researchers ultimately believe that “AI will flip the defender's dilemma on its head, tipping the scales of cyberspace and providing defenders with the best opportunity to gain a decisive advantage over attackers.” ” claims.

