AI and Your Security Online
Every advance in technology offers us new opportunities. Some of these opportunities are used constructively, some not so much.
AI on the March!
There are a number of issues with the use of AI, but this post is more of a warning. Just as some positive activities are enhanced by the use of AI, so are some dangers. The same AI that helps you correct your grammar as you write, for example, can help and malware author create a more believable and engaging phishing email. The same AI that might help a designer creatively combine various elements (ignoring for the moment purely generative AI that “creates” the elements themselves) can create a deep fake that you’ll find hard to distinguish from the real.
Security Is Never 100%
I often tell people that the only way to be totally secure online is not to be online at all. If you want complete security from online threats, turn off your computer.
But even if you do that, the utility that provides your electricity or your water may be impacted, and thus you are not secure. Hospitals have been a particular target. The emphasis of news coverage is often on the threat to your privacy, and that threat is real, but there is also a threat to your treatment if your doctor, or an emergency room nurse or physician can’t access necessary information.
The Potential Impact of AI
AI can help someone program by generating usable code. It can also help a malware writer create malicious code and find new ways to introduce it to you.
One of these ways is through the data pool that is used by various AI or AI related engines. They have to learn somewhere. There are certainly ethical considerations about this learning. But there are also security concerns. What happens if someone injects false information into the AI engine? Who is going to catch it?
These attacks can be summarized as data poisoning and manipulation. There’s an article on this at SmarterMSP.com, which is aimed more at people like me, but has valuable information. I wrote this post as a simplification.
An Analogy
Let me use one analogy. Let’s suppose that a creative librarian decided to deceive people generally and did so by regularly acquiring and referring people to less reliable sources, sources that were less than the best. This would be data poisoning. People often trust librarians, so they expect if the librarian points them to a good book on a subject, it will be good.
That librarian is extremely limited in the total amount of harm by two factors: 1) The total number of people they can misdirect as a single individual, and 2) the ease with which someone could discover the manipulation.
AI is not so limited. It’s ubiquitous. I was dismayed recently by the number of images on a subscription service I use that had the simple for use of generative AI in image creation. I’m not an opponent of AI, especially in designs that normally use multiple graphical elements. I am substantially prejudiced against the entire process being created by AI.
Be aware of where your data is coming from and double-check sources. The need for actual research skills, the ability to find and evaluate sources for your information, has never been greater.
Bottom Line
Don’t be deceived. In other words, don’t get hacked, either on your computer or in your own mind!