The Conference F5 Solutions Day, Veracomp, Romania

The Course Social Media Implication in Law Enforcemente, The European Union Agency for Law Enforcement Training (CEPOL), Hungary

The International Multi Track Conference on Sciences, Engineering & Technical Innovations, The CT Group of Institutions, India

The International Policing Forum, The People’s Public Security University of China, China

The Seminar GoDigital, PRISMA European Network, Romania

The Economic Forum, The Foundation Institute for Eastern Studies, Poland

IDC IT Security Roadshow, The International Data Corporation (IDC), Romania

The Conference Cybersecurity Challenges, Marshall Center, Romania

The Radio Romania News Euroatlantica, Romania

The Workshop Challenges and Opportunities in Cyberspace, Al. I. Cuza Police Academy, Romania


Using artificial intelligence in cyber-attacks

Using Artificial Intelligence in Cyber-Attacks

Artificial intelligence may be used by cybercriminals to analyze large amounts of data from various sources across the Internet, to identify vulnerabilities of systems and users, and to improve and intensify cyber-attacks.

Traditional cyber-attacks involve an attacker’s presence and interaction with specific computer systems to make certain decisions, which often limit his anonymity. Artificial intelligence will further obfuscate the connection and increase the distance between victim and attacker. The emergence of autonomous cyber-attacks, capable of taking the best decisions alone based on the existing ecosystem, will make it difficult to investigate and assign them.

Social engineering

Social engineering remains one of the main vectors of attack. Frequently, malware is introduced into the computer system by its users, by downloading infected files or by clicking on malicious links in emails. But making these emails interesting for users requires a lot of effort and documentation on the part of cybercriminals. Using artificial intelligence in this area will greatly simplify their work. Analyzing vast amounts of data on the Internet and Darknet, artificial intelligence will be able to accurately build a social profile of potential victims, based on their behavior in cyberspace. Once the victims have been selected, attractive emails and websites are created for all targeted users. Moreover, artificial intelligence can gain users’ confidence through sustained dialogue across various social platforms, without the involvement of human attackers. There are already different forms of chatbots – programs that automatically initiate dialogue and generate responses on the Internet and who manage to have good conversations with the users by simulating the writing style of real people. In the future, these discussions will not be limited to text, but will also have a voice component, given the rapid development of voice synthesis applications. Artificial intelligence can simulate the voice of a person with a high degree of accuracy, based on recordings posted by that person on social media.

Malware applications

Malware applications are created by cybercriminals to compromise information systems and data. Malware variants are continually evolving, being equipped with various modules for multiplying, infecting, blocking and retrieving data from compromised systems. Once these types of malware are made by artificial intelligence, they will be able to propagate on a much wider scale and exploit any encountered vulnerabilities. Thus, command and control servers used by cybercriminals will no longer be needed, with artificial intelligence being able to make decisions based on encountered vulnerabilities and the desired purpose.

Once inside computer networks, the smart forms of malware will go into stand-by mode, intercept communications between systems and the running trusted applications, and then attempt to mimic the behavior of network users in order to mislead cybersecurity solutions. Artificial intelligence will be perfectly tailored for the target environment, knowing where critical data is, what vulnerabilities exist in the system, the right time to attack, and how to accomplish the cyber-attack.

It is likely that in the future, intelligent ransomware applications used for encrypting data on compromised systems will be able to study the victim’s profile with the aim of determining the amount of money the victim is willing to pay cybercriminals for unblocking access to their data, maximizing the chances and profit of any attacker.

The article was published in Orange Romania Business Internet Security Report 2019.
It can be downloaded from