Next Phase in Bot Attacks: Artificially Intelligent Human Bot


The famous Kapersky Lab was compromised by the most sophisticated hacker group of all time. This group had “a long list of almost superhuman technical feats” and “extraordinary skill”. The group was dubbed the “Equation Group” and their work was a masterpiece. The human mind is an extraordinary thing. Dan Godin referred to this group as “omnipotent”, but I wouldn’t go that far, since they got caught with their hands in the cookie jar. Here is a list of the group’s accomplishments:

  • Created malware to infect offline air-gap computers isolated from the network, which is usually used in military environments to restrict access
  • Used 300 domains as part of their command and control operations
  • Stored encrypted malicious files in different parts of the registry to avoid detection
  • Installed covert implanted firmware in routers
  • Used four zero day vulnerabilities
  • Created a secret storage vault in drives that can survive military grade disk wiping and reformatting
  • Infected hard drive firmware from multiple drive manufacturers
  • Malware lived in RAM that would vanish after computer was turned off. PC would get re-infected after turned on by surrounding PC’s

Although this group is extremely talented, as our other hackers that breached OPM, Chase, and so on, they are going to be no match for the humanoid hacker, which we’ll call the Artificially Intelligent Bot. DeepMind, now part of Google, created an Artificial Intelligent (AI) system that played Space Invaders and its actions were observed. For input, the AI was fed the pixels on the screen, and the mission was to score points and win the game. Then the creators threw the AI out into the gaming environment not knowing what to expect. After 500 games, the AI became a master game player. The key takeaway, the AI system learned completely on its own without human intervention.

When cyber security companies like FireEye talk about creating advanced algorithms for detecting malware, they’re are not advanced, because the security platform still requires human intervention. The FireEye algorithms are dummy algorithms, and the DeepMind algorithms are advanced algorithms that have the ability to learn from its environment without human intervention. After several tries, AI masters the environment on its own, no pre-programming.

Say its 2018, and Google, Facebook, Microsoft and others invest $50B+ on developing AI algorithms. Thereafter, they open source the AI, and a kid genius decides to build an artificially intelligent bot. For input, 500B bot signatures are fed into the AI, plus the entire history of malware. Then, the kid tells tells the AI to go find vulnerabilities in any system that stores credit card info. After a couple of weeks, the AI Bot comes back and says “Master, I’ve done better than that, I’ve deposited $5B into your bank account, bought you mansions and Ferrari’s, all over the world.” Conclusion: The AI figured out on its own that the kid just really wanted money and toys.

Scroll to Top