Security

Hackers Use AI to Reshape the Cybersecurity Landscape

The big business of hacking requires a sophisticated response from K–12 IT teams.

Gienna Shaw is an independent journalist with more than 25 years of experience as a writer and editor. She specializes in business, technology and healthcare.

Cybercriminals aren’t hobbyists: Cybercrime is a business that uses sophisticated technology, including artificial intelligence, to automate profit-making. It’s a big business, too. Bad actors rake in about $1.5 trillion a year, according to a study from the U.K.’s University of Surrey earlier this year.

But there is some good news. Educational institutions can avoid becoming targets by raising the cost and complexity for hackers, reducing their return on investment.

“While there are AI tools that cybercriminals can use, there’s a cost to that in connectivity, storage and power,” says Michael Suby, vice president of research at Stratecast. “Either they have to find a way to steal that and not be detected, or they have to pay.”

Districts can also fight fire with fire, using hackers’ tools against them. But while machine learning could help analyze user behavior to develop ideal security settings, for example, it’s also important to build security into systems from the start. As part of doing so, IT leaders must make use of both security technologies and the important human element in keeping systems safe.

Yoav Freund, a professor at the Jacobs School of Engineering at the University of California, San Diego, says organizations must use people and computing power in concert. Freund, who’s also an adviser at the Halıcıoğlu Data Science Institute, says that although computers can detect suspicious data, only humans have the agency to act on it.

That means staff and students must understand both threats and solutions. “The main thing is really education,” says Freund. “Educate kids that these things are out there and educate them in terms of the tools they can use to verify what is fake and what is real.”

Here’s more advice from the experts.

Tighten Up Cybersecurity Throughout the District

“The security for many enterprises is considerably worse than you’d think,” says Deian Stefan, who’s also a professor at UCSD’s engineering school and an HDSI adviser.

That means every district likely has room to tighten its environments, resources, storage, networking and monitoring. “Make sure to fence your applications and your resources to be sure they’re only being used for proper activity,” Suby says. That will prevent resource leakage and make sure that attackers don’t have greater capabilities than legitimate users.

Monitor Usage and Be Alert for Sensitive Data in the Cloud

In addition to the many commercial tools that monitor server and network usage, cloud platforms offer monitoring capabilities that can reduce the risk of malicious use of resources. IT staff should also include cloud security as part of any cybersecurity awareness training provided to district employees.

Use a Secure Runtime Monitor

Be sure to choose a secure solution that lets you specify security policies. “Even if you get compromised, the runtime monitor ensures that the attacker can’t reach your data,” Stefan says.

Eventually, machine learning will perform tasks such as evaluating user-application interactions to set session durations accordingly, limiting the window of opportunity for cybercriminals, Suby says. And, as the IT community becomes more aware of resources and gets better at monitoring them, it will be harder for criminals to steal them.

“If you step back and ask, ‘How do we do this right? How do we invest time and money into solving the problems?’ there’s a payoff,” says Stefan.

Jackie Niam/Getty Images