How Machine Learning Could Change Cybersecurity For The Worse

Credit: Mopic |

Machine learning is already making significant contributions to security, helping to detect and correct vulnerabilities, identify suspicious behavior, and better contain zero-day attacks. However, any and all of these gains could be lost if and when these advances are repurposed by those seeking to uncover and exploit security vulnerabilities rather than defend them.

In the very near-future, machine learning is likely to be re-deployed by cyber-attackers looking to develop and distribute more dangerous and malicious threats. Worse still, this escalation might have already happened and we just don’t know about it yet.

A Cylance poll held during the Black Hat USA infosec convention saw sixty-two percent of surveyed attendees agreed that there was a high possibility that AI could be used by hackers for offensive purposes within the coming year.

McAfee said as much in their recent 2018 Threats Predictions Report. According to them, there are already plenty of black-box attacks that don’t follow established patterns and, eventually, it’s expected that security researchers will reverse engineer one of these solutions and find hard evidence that machine learning has been turned.

Credit: Michael Borgers |

McAfee Labs Vice President Vincent Weafer says that they “expect to see more advancements in the use of machine learning and analytics by attackers to accelerate and sharpen social engineering attacks—phishing, fraud, spyware, and scams—across more industry sectors than they can do today using manual reconnaissance techniques. Business email compromise scams will make use of machine learning to appear more legitimate to their targets.”

In addition, “we may see ‘target acquisition as a service’ providers leverage the increasing volume of personal information that has been leaked from multiple data breaches in past years to identify and qualify targets.”

They aren’t the only vendor looking to raise awareness of the threat. Symantec CTO Nick Savvides says that 2018 will be “the first year where we will see AI versus AI in a cybersecurity context. Cyber criminals will use AI to attack and explore victims’ networks, which is typically the most labour-intensive part of compromise after an incursion.”

Machine learning also has the potential to enhance the existing tactics employed by such cyber-criminals. Machine learning could make phishing attacks more difficult to identify or allow attackers to effective at gaining unauthorized access through a users connected devices once one set of credentials have been stolen.

Perhaps the scariest thing here is that, much like the unmapped positive potential, the potential damage that machine learning could do is difficult to fully comprehend at this early stage. Even in many of the best case scenarios, applications of machine learning will likely see the arms race between the cyber-security and cyber-criminal worlds ratchet up to a faster pace than ever seen before.

Again, this isn’t to say that the experts aren’t already preparing. McAfee speculate in their 2018 Threats Predictions Report that machine learning, AI, and game theory can be used to to probe for vulnerabilities in both our software and the systems we protect in order to counteract new strains of machine learning-powered threats.

Credit: Stepanenko Oksana |

Basically, they aim to beat cyber-criminals at their own game by developing better machine learning-based systems for vulnerability detection - discovering and amneding issues before they can be exploited.

Other ways in which machine learning can be used to neutralize its offensive capabilities have also been raised. In an interview with Gizmodo, Recorded Future Chief Technology Officer Staffan Truvé discussed the possibility of using machine learning and natural language processing to detect when an attack is being planned and discussed on criminal forums - predicting threats before they happen.

He said that “bad guys [with AI] will continue to use the same attack vectors as today, only in a more efficient manner, and therefore the AI based defence mechanisms being developed now will to a large extent be possible to also use against AI based attacks."

So while it’s clear that machine learning has enormous potential to empower cyber-criminals and swing the advantage in their favor, it’s latent promise to give cybersecurity vendors better tools to counteract that threat can’t be dismissed either.

As cliche as it might sound: the only certainty here is that machine learning is going to change everything.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags AImachine learningSecurity Watch

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Fergus Halliday
Show Comments

Cool Tech

Toys for Boys

Family Friendly

Stocking Stuffer

SmartLens - Clip on Phone Camera Lens Set of 3

Learn more >

Christmas Gift Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Aysha Strobbe

Microsoft Office 365/HP Spectre x360

Microsoft Office continues to make a student’s life that little bit easier by offering reliable, easy to use, time-saving functionality, while continuing to develop new features that further enhance what is already a formidable collection of applications

Michael Hargreaves

Microsoft Office 365/Dell XPS 15 2-in-1

I’d recommend a Dell XPS 15 2-in-1 and the new Windows 10 to anyone who needs to get serious work done (before you kick back on your couch with your favourite Netflix show.)

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?