When most people hear about cybersecurity hacks, they imagine frozen monitors, ransomware demands, and DDoS attacks that compromise connectivity for hours or even days.
Some experts, though, worry that with the advent of widespread artificial intelligence in the hands of hackers — lone wolves and nation-states alike — we may be entering an era of “cyber-physical attacks.”
Indeed, last month the FBI warned Congress that Chinese hackers had penetrated deep into America’s cyber infrastructure in an attempt to cause harm. FBI Director Christopher Wray said Chinese government hackers are targeting water treatment projects, power grids, transportation systems and other critical infrastructure inside the United States.
Stuart Madnick, MIT professor of engineering systems and co-founder of Cyber Security at MIT Sloan (CAMS), has studied and written about the cyber-physical nexus. He said that with the widespread advent of generative AI, concerns about physical attacks in the next phase of cybercrime have increased.
Madnick said he and his team have simulated cyber attacks in the lab that resulted in explosions. They were able to hack the computer-controlled motors with the pumps and fire them up. Attacks that distort temperature measurements, jam pressure values, and block circuits can also cause explosions in laboratory settings. Madnick said such an outcome would do more than simply take the system offline for a while, as a typical cyberattack would do.
“If you cause a power plant to stop with a typical cyber attack, it will be back up and online very quickly, but if hackers cause it to explode or burn down, you’re back on a day or two later. There won’t be a line; it’ll be weeks and months, because so many parts of these specialized systems are custom built. People don’t realize that the downtime can be quite long,” Madnick said.
Technology, now boosted by AI, exists to destroy physical systems, he added. Still, three elements must be present for such attacks: capability, opportunity, and motivation.
“The only thing that keeps really bad things from happening is not having enough motivation,” Madnick said. Attacks on physical infrastructure would amount to war, and so far, this is something that nation-states have avoided.
Experts, though, differ on the level of threat from cyber-physical attacks and how much AI is adding to it.
The number of systems using programmable logic controllers (PLCs) is a weak spot in the nation’s infrastructure, said Tim Chase, CISO of Data Platform Less Work.
Chase fears that hackers could use generative AI to help generate code for PLCs. Once a bad actor has control of a PLC, they can wreak havoc on industrial systems, with physical consequences. And while industrial controls are hard to hack, Chase worries that AI gives “mid-level hackers” the tools to up their game.
“AI can make it easy for someone who lacks the skills and patience to attack industrial control systems themselves,” Chase said.
Many industrial and healthcare systems in the United States still rely heavily on decades-old legacy systems with weak safeguards. The advent of AI will make it easier to exploit these vulnerabilities. “Any time you make attacks easier, there will be more incidents,” Chase said.
Seon Tehila, program director at the Katz School of Science and Health, professor at Yeshiva University, and CEO of cybersecurity management platform Onyxia, is also concerned about the potential increase in cyber-physical attacks.
“AI-powered cyberattacks can happen very quickly, and are sophisticated and complex to detect and mitigate,” Tehila said.
But while she sees the threat of AI-assisted cyber-physical attacks growing, she said AI also helps the good guys. “AI can enhance cyber defenses, detect threats and analyze vast amounts of data in real time and detect malicious activity,” said Tehila, who also serves in the Israel Defense Forces and specializes in cyber security. “It plays an important role in identifying and responding more effectively.”
Michael Kenny, a University of Pittsburgh professor and director of the university’s Matthew B. Ridgway Center for International Security, said there are risks for cybercriminals who try to destroy physical infrastructure. They don’t want to deplete the Internet’s vast reserves because they rely on it too. Terrorists, in general, are more likely to use tried-and-true tools that have worked in the past, such as weapons and military hardware, he said.
But Madnick is worried. “When something explodes, it destroys not only that unit but also other units around it, which can cause more trouble and inconvenience to people,” he said.