The angel is an algorythm

11Cybersecurity· Journalists Team

The angel is an algorythm

InnovationProbability 80/100

// A story from 2051

It’s a Tuesday, the year 2051. Gabe orders an iced caramel macchiato at his favourite coffee place and reaches his office at 8 am. Aged 35, Gabe is an extreme sports fan and proud father of a little girl, Lucy. He heads up cybersecurity at Nafios, the smart pill giant based in New York. And when we say giant, we’re talking more than 80 plants with completely automated production lines. Gabe pilots this whole realm and ensures the safe production of millions of little gums that protect humanity from diseases.

He fires up his holographic computer and gets the reports HAL, his AI assistant, made on all the events that took place on the production chains of each of the 80 plants. Usually, these reports are quite fast to read thanks to the company’s ultimate cybersecurity system. But today is different. Thousands of kilometres away from New York, in Buenos Aires, one of the plants avoided a catastrophe thanks to AI agents.

-----

It’s 3:37 am in Buenos Aires. Felipe, the local cybersecurity director, wakes up with a jolt. A terrible alarm is coming from his phone. It’s red alert – something’s seriously wrong at the plant. The machine dosing paracetamol in the Nafios smart pills seems completely out of control. The AI agent who did the seventh test of the night on a smart pill sample sounded the alarm. It calculated 4000mg of paracetamol instead of the supposed 1000mg. A very dangerous dose that could lead to liver failure, haemorrhage or cerebral oedema.

When Felipe reaches the lobby 15 minutes later, his staff is on the warpath. All the smart pill batches that exited the production lines in the last 30 minutes have to be destroyed. While this is happening, the cybersecurity AI is already doing an analysis of what happened – thanks to his Threat-Intelligence-as-a-Service solution, running on Ethereum. The result comes out in just a few seconds and the threat is blocked in less than a minute.

-

As Gabe goes through the report, he can’t help but be very impressed by the modus operandi of the hacker. The firmware was modified remotely by the attacker, who impersonated an operator thanks to his quantum computer. He is very strong: he could even crack the operator’s connection encrypted in sha256. But HAL outsmarted the hacker since it can access the whole threat intelligence system of the Ethereum blockchain it is connected to. The attack path was uncovered in record time, the attack blocked, remediation solutions set up fast, and the whole production chain restarted in just one hour.

HAL highlights the vulnerability points with best solutions to implement with a priority tag assigned to each issue. Priority: changing the encryption algorithm that has been compromised. And here again, HAL directly chooses the best alternative and prepares the re-setting with an AES encryption for all the production chain devices in Buenos Aires. This includes all the connected machinery, the hardware of the operators and management staff, the badges to enter the lobby, to name but a few. HAL will ask for Gabe’s approval to launch the deciphering and re-ciphering process. To confirm the approval, Gabe’s face is scanned by his computer to ensure maximum security.

Right after, Gabe starts a PKI-encrypted video call with Felipe to let him know about the changes that will happen and, above all, to inform him that he’ll have to approve the local AI encryption action – again, by face scanning. Once both approvals are gathered, HAL shares its knowledge with the local AI assistant who initiates the ciphering process.

To close the case, Gabe makes sure that all the reports and findings of the AIs are stored following the InterPlanetary File System (IPFS) protocol. While doing this, he takes the opportunity to check all the previous PGP-encrypted files about incidents that happened since 2040 (when he joined the company). He also asks his AI assistant to run a matching test to check for a hypothetic correlation.

When HAL’s done working, Gabe gets a PGP-encrypted report only he can access. The attack is looking just like one that happened two years ago – in November 2049. This time, the attacker messed with the packaging system at the Berlin plant. Consequences wouldn’t have been as dramatic as changing the dose of paracetamol, but it had still cost the company a lot of money to fix. Thanks to threat intelligence, HAL could cross-check the two attacks and finetune his recommendations for future cybersecurity improvements – especially in firmware’s protection. When Gabe gives his approval for these recommendations, the AI assistant will set everything up. It would run a test by trying to hack the system to check if all the new setups are protective enough. Case closed.

It’s 5 pm in New York. Gabe has to leave work early so he puts the safety of the company in HAL’s capable hands. With a long career in cybersecurity, Gabe has spent time with many companies. Over the years, his role has changed a lot as technology – especially with the help of AIs – has become more and more efficient in countering and blocking attacks. His role remains key for Nafios but thanks to his AI assistant, halting sophisticated attacks from smart hackers has never been easier or the cybersecurity system this strong. Who knows what’ll come next? Hopefully hard times for cyber attackers…

// The science behind it

An impregnable fortress

Cybersecurity has been part of our lives for several years now. 30 years ago, companies were already well aware of the danger posed by cyberattacks. They implemented protocols which were considered strong at the time. But in our private lives, cybersecurity wasn’t a big thing. Of course, users of connected devices were always happy to know that their data was protected and that some of their conversations were encrypted. Besides that, no-one paid much attention to it.

But as online crime increased, cybersecurity became more of a concern. It started first with new device-specific privacy services encrypting users’ browsing. On social media and on all apps where information was shared – e.g. messaging platforms and banking related apps – PGP, AES or PKI encryption has quicky been generalised. By 2030, users’ private lives were already far safer than they used to be when social media boomed. Viewing pictures, or any other personal information from a relative, became possible only when you had the right private key.

With double encryption protocols becoming the norm – combined with IPFS that ensures security and inalterability of documents – even the most reluctant people started to sign, store and manage their most important files online. Everything from housing to banking contracts. Thanks to IPFS, all sensitive documents are protected from cancellation and from being compromised. That has simplified a lot of administrative procedures as people felt more secure online than ever before. They no longer felt the need to meet their advisors face to face. And they were right to do so: cyberattacks targeting users’ personal data have become more and more complicated. By 2030, attacks were reduced by 54% compared to 2020.

At the beginning of the 2030s, companies stared to widely use AI for cybersecurity purposes. They’ve proved themselves incredibly efficient at automatically detecting anomalies and common vulnerability exposures to prevent cyberattacks. At first, AIs were only used preventively. From 2033 onwards, the first AIs were able to track down cybercriminals and block them in a defensive way. It wasn’t as effective as it is now, but already a big step forward.

The event that really fast-tracked cybersecurity improvements was AGA-gate, which happened to AWS, Google Cloud and Azure. On Black Friday, November 2036, the biggest cloud service provider underwent the worse attack of all time. A huge DDoS attack brought the giant to its knees for several days. The outcome was catastrophic: millions of dollars lost, and more than five billion users impacted. It became obvious that such a centralised system, even though it was energy efficient, became more vulnerable as technology improved. Quantum computers are now accessible to more people with bad intentions.

That’s when experts started to work with blockchain as a new hosting opportunity. Over time, blockchain became more energy efficient. From encouraging cooperation rather than competition between miners, to using Proof-of-Stake mechanisms rather than Proof-of-Work ones, blockchain became less and less energy-consuming. So much so, that Proof-of-Work is now a remnant of the past. Blockchain’s energy consumption wasn’t hindering companies anymore. In 2027, the first companies took the plunge and decentralised all their data initially cloud-hosted on a blockchain like Ethereum. Year after year, in addition to securing their data and making them almost impossible to lose or alter, blockchains were containing more and more information. They became a huge asset for cybersecurity. In 2051, when you have a cybersecurity issue, thanks to threat intelligence, your AIs and/or operators can find the attack path faster than ever.

It’s gone even further. In 2041, the biggest blockchain providers decided to offer a common new service to companies: Threat-Intelligence-as-a-Service (TIaaS). While blockchain providers remain completely independent, this common service allows chiefs of cybersecurity to access the widest source of knowledge on cyberattacks ever created. It’s a powerful tool that is helping companies to resolve tricky situations in record time. By 2051, this system is adopted by 93% of companies in the world, giving hackers a very hard time indeed.

In 30 years, the cybersecurity world will be completely transformed. It will be compliant with the three cybersecurity principles – confidentiality, integrity and availability – making it far easier than ever before.

Technology rescues cybersecurity teams

In 2021, cybercrime is dramatically increasing – something that is to be expected, considering how much time we spend online each day and all the things we can do from connected devices. Add to that the fact that IoT devices will increase to 43 million by 2023. Since the Covid-19 pandemic started, cybercrime increased 600%, costing hundreds of millions of euros. Yet, cybersecurity isn’t taken lightly. Companies are all aware of how important it is to deploy robust cybersecurity protocols to protect their users and their business. Still, the concern is quite new and hackers are becoming more ingenious in their attack framework. There’s a lot of room for improvement: more than 60% of cybersecurity experts agree that their cybersecurity team is short-staffed.

AIs are considered one of the most robust cybersecurity solutions to tackle the increase in connected devices and the need for better cybersecurity. As they are capable of analysing a huge volume of data, they can detect breaches and anomalies in a fairly short amount of time. They’d be able to identify any potential anomaly in real-time and give an optimal answer fast. Companies like Twenty20 Solutions are already integrating machine learning combined with real-time video monitoring to detect these anomalies as they happen. And in general, the Supervisory Control and Data Acquisition (SCADA) market share is increasing, showing that companies are moving towards a new style of solution to support their cybersecurity teams.

Encryption will also be a big cornerstone of cybersecurity. As quantum computers become more accessible and fall into the wrong hands, single password security will no longer be enough. With small quantum computers already in existence, companies like IBM are already planning to improve them in the coming decade to reach million-qubits systems. With such powerful machines, the most sophisticated passwords could be deciphered in just a few minutes (while it would take several lifetimes for the best regular computers today). That’s where PGP, PKI or AES encryption systems come in. They are already used in apps we all know. For example, Whatsapp’s Signal protocol ensures end-to-end encryption of our conversations.

This might go even further in the future with end-to-end encryption applied to social media. According to Ero Balsa, Filipe Beato and Seda Gürses from KU Leuven, Belgium and NYU, USA, social media could easily apply end-to-end encryption. And as it will probably become highly desirable for users, they might have no other choice in the future to keep their status of trusted authority. Coupled with IPFS, end-to-end encryption with a double key system will make official documents safer online than ever. Users will have full control over just how confidential and inalterable they want them to be. As IPFS protocol is already used in 2021, it will no doubt become more commonplace – plus combined with other technologies to ensure the ultimate security.

Today one of the big weaknesses of the Internet – and all connected devices – is the reliance on a very centralised system hosted on servers and on the cloud. Even the most minor cybersecurity vulnerability could affect the whole world and trigger the loss of huge amounts of data. The future will lead us to decentralise our online life.

A tangible track is blockchain. At the moment, blockchain is consuming too much energy compared to servers, and the biggest players fear that their energy bill will skyrocket by making this shift. But blockchain also has undeniable assets. First of all, it’s quite new. By 2051, as solutions emerge, we can expect it to be less energy consuming. Proof-of-Stake might take over Proof-of-Work. Authority figures such as Elon Musk and Bill Gates are already describing Proof-of-Stake coins as “green coin”.

But blockchain providers’ big assets are tied up in the knowledge they can offer as threat intelligence. When a cybersecurity problem like the Nafios example is detected, companies can solve it at lightspeed using almost infinite knowledge of blockchain coupled with AI. However, in 2021 this solution is not yet possible as blockchain might actually cause more problems than solutions. After all, it has its own cybersecurity threats to deal with like illegal mining.

However, by 2051, bringing together all the tools we currently have – encryption, a decentralised file system, AI and blockchain – we can imagine that cybersecurity will be taken to a whole new level with almost unbeatable security systems. It then all depends to what lengths of ingenuity hackers will go to adapt to this new paradigm.

It’s hard to predict the future but the Nafios cybersecurity scenario is far from impossible. As a concept, we already have the ‘sketch’ version of all the tools that Gabe uses against the hacker. But whether we speak of AI, blockchain or double encryption, all these systems are quite new, answering the needs triggered by an increasingly online world. Therefore, we can expect huge improvements by 2051 – things we can’t even begin to imagine.

Blockchain still sits with a few question marks over its head. Will it be able to reduce its energy consumption enough so that big players will consider using it instead of cloud hosting? It might be the case as there are several projects on the go that are trying to evolve towards a ‘greener blockchain’. It’s also important for blockchain to remain decentralised and avoid a monopoly situation at all costs.

Another question mark concerns AI and to what extent it would be able to handle a whole massive breach like the one painted in the Nafios example. Not only identifying a threat but also handling the after-effects – i.e. to reinforce security after a breach. We can assume that, combined with threat intelligence, this would be possible. But time will tell how autonomously this would happen.

Cybersecurity still has room for improvement and as the online world is an ever-evolving universe, it is surely going to surprise us in the future. Will it properly comply with the Confidentiality-Integrity-Availability (CIA) triad? Let’s meet in 2051 and see.

// Sources & further reading

  1. https://usmsystems.com/ai-ml-in-cybersecurity-use-cases-examples/usmsystems.com
  2. https://medium.com/mindsync-ai/ai-for-surveillance-and-security-60fd67a8e570medium.com
  3. https://www.albawaba.com/business/10-biggest-cyber-attacks-historyalbawaba.com
  4. https://www.hivesystems.io/blog/are-your-passwords-in-the-greenhivesystems.io
  5. https://www.ceps.eu/artificial-intelligence-and-cybersecurity/ceps.eu
  6. https://cisomag.eccouncil.org/hackers-using-ai/cisomag.eccouncil.org
  7. https://aws-shield-tlr.s3.amazonaws.com/2020-Q1_AWS_Shield_TLR.pdfaws-shield-tlr.s3.amazonaws.com
  8. https://www.w3.org/2014/privacyws/pp/BalsaBeatoGurses.pdfw3.org
  9. https://www.deepwatch.com/blog/cia-in-cybersecurity/deepwatch.com
  10. https://www.zdnet.com/article/smart-pills-and-the-future-of-medicine-insights-from-your-insides/zdnet.com
  11. https://coinacademy.fr/coinacademy.fr
  12. https://www.forbes.com/sites/louiscolumbus/2020/06/21/why-ai-is-the-future-of-remote-security-monitoring/?sh=12f43c51436aforbes.com
  13. https://www.packetlabs.net/cybersecurity-statistics-2021/packetlabs.net
  14. https://ieeexplore.ieee.org/document/7993478ieeexplore.ieee.org
  15. https://www.mckinsey.com/industries/private-equity-and-principal-investors/our-insights/growing-opportunities-in-the-internet-of-thingsmckinsey.com
  16. https://itchronicles.com/information-security/what-is-the-future-of-cybersecurity/itchronicles.com
  17. https://www.wired.com/2015/08/peek-inside-mr-robots-toolbox/wired.com
  18. https://geekflare.com/ai-affects-cybersecurity/geekflare.com
  19. https://link.springer.com/chapter/10.1007/978-981-15-4218-3_13link.springer.com
  20. https://coinacademy.fr/blockchain/la-blockchain-irl-episode-2-permettre-la-decentralisation-du-monde/coinacademy.fr
  21. https://www.zdnet.com/article/quantum-computers-are-coming-get-ready-for-them-to-change-everything/zdnet.com
  22. https://blog.qrator.net/en/meris-botnet-climbing-to-the-record_142/blog.qrator.net
  23. https://www.datacenterdynamics.com/en/analysis/understanding-chia-the-cryptocurrency-straining-storage-markets/datacenterdynamics.com
  24. https://sensepost.com/sensepost.com
  25. https://purplesec.us/resources/cyber-security-statistics/purplesec.us
  26. https://builtin.com/artificial-intelligence/artificial-intelligence-cybersecuritybuiltin.com
  27. https://www.computer.org/publications/tech-news/trends/the-impact-of-ai-on-cybersecurity/computer.org
  28. https://www.cpomagazine.com/cyber-security/blockchain-for-threat-intelligence-maybe/?fbclid=IwAR2CkTlyRruWl8kKkLq19xqf4ZZH9XNWsdY3cd21V2MwFgcpomagazine.com
  29. https://www.itbusinessedge.com/security/potential-use-cases-of-blockchain-technology-for-cybersecurity/itbusinessedge.com
  30. https://www.cybersecurityintelligence.com/blog/using-ai-in-cyber-security-5038.htmlcybersecurityintelligence.com
  31. https://www.darkreading.com/careers-and-people/5-mr-robot-hacks-that-could-happen-in-real-lifedarkreading.com
  32. https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/cloudflare.com
  33. https://www.cloudflare.com/learning/ddos/glossary/ip-spoofing/cloudflare.com
  34. https://scontent.whatsapp.net/v/t39.8562-34/241394876_546674233234181_8907137889500301879_n.pdf/WhatsApp_Security_Encrypted_Backups_Whitepapscontent.whatsapp.net
  35. https://en.wikipedia.org/wiki/InterPlanetary_File_Systemen.wikipedia.org
  36. https://fr.wikipedia.org/wiki/Pretty_Good_Privacyfr.wikipedia.org
  37. https://en.wikipedia.org/wiki/Denial-of-service_attacken.wikipedia.org
  38. https://en.wikipedia.org/wiki/Proof_of_stakeen.wikipedia.org