Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say.

Last week, researchers from Darktracesaid that the current threat landscape is full of everything from opportunistic attacks from teen hackers to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.

However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI.

Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months. Analysis of these attacks – and a little imagination – has led the team to create scenarios using AI which could one day become reality.

"We expect AI-driven malware to start mimicking behavior that is usually attributed to human operators by leveraging contextualization," said Max Heinemeyer, Director of Threat Hunting at Darktrace. "But we also anticipate the opposite; advanced human attacker groups utilizing AI-driven implants to improve their attacks and enable them to scale better."

Trickbot. The first attack relates to an employee at a law firm who fell victim to a phishing campaign leading to a Trickbot infection.

Trickbot is a financial Trojan which uses the Windows vulnerability EternalBluein order to target banks and other institutions. The malware continues to evolve and is currently equipped with injectors, obfuscation, data-stealing modules, and locking mechanisms.

In this example, Trickbot was able to infect a further 20 devices on the network, leading to a costly clean-up process. Empire Powershell modules were also uncovered which are typically used in remote, keyboard-based infiltration post-infection.

AI's Future Role.Darktrace believes that in the future, malware bolstered through artificial intelligence will be able to self-propagate and use every vulnerability on offer to compromise a network.

"Imagine a worm-style attack, like WannaCry, which, instead of relying on one form of lateral movement (e.g., the EternalBlue exploit), could understand the target environment and choose lateral movement techniques accordingly," the company says.

If chosen vulnerabilities are patched, for example, the malware could then switch to brute-force attacks, keylogging, and other techniques which have proven to be successful in the past in similar target environments.

As the AI could sit, learn, and 'decide' on an attack technique, no traditional command-and-control (C2) servers would be necessary.

AI's Future Role.It is possible that AI could be used to further adapt to its environment. In the same manner, as before, contextualization can be used to blend in, but AI could also be used to mimic trusted system elements, improving stealth.

"Instead of guessing during which times normal business operations are conducted, it will learn it," the report suggests. "Rather than guessing if an environment is using mostly Windows machines or Linux machines, or if Twitter or Instagram would be a better channel, it will be able to gain an understanding of what communication is dominant in the target's network and blend in with it."

Take It Slow. In the final example, Darktrace uncovered malware from a medical technology company. What made the findings special was that data was being stolen at such a slow pace and in tiny packages that it avoided triggering data volume thresholds in security tools.

Multiple connections were made to an external IP address, but each connection contained less than 1MB. Despite the small packets, it did not take long before over 15GB of information was stolen.

By fading into the background of daily network activity, the attackers behind the data breach were able to steal patient names, addresses, and medical histories.

AI's Future Role. AI could not only provide a conduit for incredibly fast attacks but also "low and slow" assaults. It can also be used as a tool to learn what data transfer rates would flag suspicion to security solutions.

Instead of relying on a hard-coded threshold, for example, AI-driven malware would be able to dynamically adapt data theft rates and times to exfiltrate information without detection.
​
"Defensive cyber AI is the only chance to prepare for the next paradigm shift in the threat landscape when AI-driven malware becomes a reality," the company added. "Once the genie is out of the bottle, it cannot be put back in again."

British scientists have developed a self-contained and tamper-proof "quantum compass" that doesn't rely on GPS signals to provide a highly accurate measure of where it is in the world.

The compass is a quantum accelerometer that is capable of measuring tiny shifts in supercooled atoms and so calculate how far and how fast the device has moved. Having a device like the quantum compass aboard a ship, the captain knows exactly where his ship is without having to rely on orbiting satellites.

The system has been designed by quantum physicistsat Imperial College, London – who developed a laser system for cooling atoms down and at photonics and quantum technology specialist firm M Squared– which developed another laser system to act as an “optical ruler.” Their work has been funded by the UK's Ministry of Defense.

Although GPS satellites are a modern marvel and are used by just about everyone to identify their precise location, the fact is the system is not perfect.

A phone's GPS is accurate to roughly 15 feet, although military GPS devices can be accurate to centimeters. Then there is the fact that tall buildings will often throw a signal off and signals can be impaired by any large, dense object.

But that's not why the Ministry of Defense is interested in a quantum compass: its concern is that the GPS system is vulnerable to attack or deliberate disruption. A GPS signal could be spoofed or blocked for instance. When you're thinking about nuclear submarines, it's usually best to consider the worst.

“Pirates are now sophisticated enough to cause disruptions to ships’ GPS systems and lure them to rocks or take over and board them,” said Graeme Malcolm, the CEO of M Squared.

“They can be an even bigger issue in areas of defense and security, where the resilience and security of cities and countries are impacted. This new device is an absolute reference that goes down to the atomic level.”

Accuracy. This is not the first time that accelerometers have been used for navigation, but the reality is that such systems are not sufficiently accurate, meaning that as time goes on the system becomes increasingly out of whack and requires recalibration.

Not so with the quantum compass, according to its makers. Lasers are used to supercool atoms, and then another laser is used to act as "optical ruler" measuring how far those atoms have moved. At extremely low temperatures, atoms behave in a ‘quantum’ way, acting like both matter and waves.

Here's how Dr. Joseph Cotter, from the Centre for Cold Matter at Imperial College, explained it: "When the atoms are ultra-cold, we have to use quantum mechanics to describe how they move, and this allows us to make what we call an atom interferometer."

As the atoms move, their wave properties are affected by the acceleration of the vehicle. The optical ruler can measure these minute changes very accurately and then with a few relatively simple equations it is possible to figure out exactly where you are.

Size. But this is not something you're going to find in your smartphone: the prototype system is about three-feet wide and high, and it is incredibly expensive.
​
Plus, it can currently only measure in one plane. The scientists say they will soon be able to take measurements in three planes – making it an entirely independent super compass that can tell you where exactly it is at any point.

If you haven’t heard, universities around the world are offering their courses online for free (or at least partially free). These courses are collectively called MOOCs or Massive Open Online Courses.

In the past six years or so, over 800 universitieshave created more than 10,000 of these MOOCs. The people at Class Centralhave been keeping track of these MOOCs ever since they rose to prominence.

In the past four months alone, 190 universities have announced 600 such free online courses. Class Central has compiled a list of them and categorized them according to the following subjects: Computer Science, Mathematics, Programming, Data Science, Humanities, Social Sciences, Education & Teaching, Health & Medicine, Business, Personal Development, Engineering, Art & Design, and finally Science.

If you have trouble figuring out how to signup for Coursera courses for free, don’t worry — here’s an article on how to do that,too.
​
Many of these are completely self-paced, so you can start taking them at your convenience. Here is the list of courses.

Every election season, Uber and Lyft jockey for the position of the most civic-minded ride-hailing company by offering various promotions, like free and discounted rides to polling places. This year, both companies are trying something new. On November 6th, Uber will add a new button in its app that will help people find and book rides to their polling place. It’s an extra step that Uber says it hopes will help get out the vote. Lyft also promises something similar. 

Uber. The poll locator will be available to anyone who lives in the US, but it’s targeted at suburban or exurban voters who tend to live outside of walking distance of their polling location. There are a variety of websites where voters can go to find their polling information but pairing that with a transportation service could help bridge the gap between the intention to vote and going to the polls. 

Lyft. The San Francisco-based ride service is also aiming to help its customers find their polling location. The company said in a recent announcement that it would release a “product integration to help passengers find their polling location.” It didn’t, however, specify what that integration would look like.

Surveys indicate that voter enthusiasm is at an all-time high this year, but if history is any indicator, most eligible voters will stay home. Slightly more than one-third of eligible voters turned out across the country in the last midterm elections.

Uber is hoping it can make a small contribution to turnout. “Using our technology and resources, we can help make it easier for every Uber rider in the US to get to their polling place at the push of a button,” Uber CEO Dara Khosrowshahi said in a blog post.

The ride-hail company will also partner with two GOTV organizations, #VoteTogether and Democracy Works, to provide free rides to voters in specific communities. Uber will also help register riders and drivers to vote by sharing voter registration information through the app. An email went out to all Uber drivers this week encouraging them to visit one of Uber’s 125 Greenlight Hubs where they can register to vote. 
​
In August, Lyft saidit planned to give away 50 percent off promo codes with GOTV partners to encourage voter turnout. Neither Uber nor Lyft would say how many free and discounted rides they plan on distributing.