Artificial intelligence (AI) may be the banking industry’s Achilles heel, making it more vulnerable to Russian cyberattacks.
President Joe Biden issued a warning to American businesses of the likelihood of increased cyberattacks from Russian, in retaliation for the sanctions it is experiencing as a result of its invasion of Ukraine. Many ransomware gangs already operate within Russia, due to that country’s willingness to turn a blind eye to attacks on the West. Full-fledged support from the Kremlin would likely send attacks into overdriver, however, and banks may be particularly vulnerable.
Banks have been aggressively rolling out AI and automated systems in an effort to provide better customer support, as well as better identify and prevent fraud. Unfortunately, experts are warning that those very systems also make banks far more vulnerable to potential attack.
“It’s a huge unaccounted-for risk,” Andrew Burt, Managing Partner at AI-focused law firm BNH and former policy adviser to the FBI’s head of cyber division, told The Wall Street Journal. “The vulnerabilities of AI and complex analytic systems are significant and very widely overlooked by many of the organizations employing them.”
Much of the problem stems from AI systems still being in their infancy, compared to previous, time-tested systems banks relied on.
“Machine-learning security is not just a combination of security and machine learning; it’s a novel field.…When you introduce machine learning into any kind of software infrastructure, it opens up new attack surfaces, new modalities for how a system’s behavior might be corrupted,” Abhishek Gupta, founder of Montreal AI Ethics Institute, told WSJ.
“There’s a sense of brittleness in that entire architecture, like a house of cards. You don’t know which of the cards that you pull out will lead to the whole thing collapsing entirely,” he added.
Given the increased risk of attack, it’s a safe bet firms specializing in AI security are about to see a major boost.