Tag Archives: IBM

New genre of artificial intelligence programs take computer hacking to another level

FILE PHOTO: Servers for data storage are seen at Advania's Thor Data Center in Hafnarfjordur, Iceland August 7, 2015. REUTERS/Sigtryggur Ari

By Joseph Menn

SAN FRANCISCO (Reuters) – The nightmare scenario for computer security – artificial intelligence programs that can learn how to evade even the best defenses – may already have arrived.

That warning from security researchers is driven home by a team from IBM Corp. who have used the artificial intelligence technique known as machine learning to build hacking programs that could slip past top-tier defensive measures. The group will unveil details of its experiment at the Black Hat security conference in Las Vegas on Wednesday.

State-of-the-art defenses generally rely on examining what the attack software is doing, rather than the more commonplace technique of analyzing software code for danger signs. But the new genre of AI-driven programs can be trained to stay dormant until they reach a very specific target, making them exceptionally hard to stop.

No one has yet boasted of catching any malicious software that clearly relied on machine learning or other variants of artificial intelligence, but that may just be because the attack programs are too good to be caught.

Researchers say that, at best, it’s only a matter of time. Free artificial intelligence building blocks for training programs are readily available from Alphabet Inc’s Google and others, and the ideas work all too well in practice.

“I absolutely do believe we’re going there,” said Jon DiMaggio, a senior threat analyst at cybersecurity firm Symantec Corp. “It’s going to make it a lot harder to detect.”

The most advanced nation-state hackers have already shown that they can build attack programs that activate only when they have reached a target. The best-known example is Stuxnet, which was deployed by U.S. and Israeli intelligence agencies against a uranium enrichment facility in Iran.

The IBM effort, named DeepLocker, showed that a similar level of precision can be available to those with far fewer resources than a national government.

In a demonstration using publicly available photos of a sample target, the team used a hacked version of video conferencing software that swung into action only when it detected the face of a target.

“We have a lot of reason to believe this is the next big thing,” said lead IBM researcher Marc Ph. Stoecklin. “This may have happened already, and we will see it two or three years from now.”

At a recent New York conference, Hackers on Planet Earth, defense researcher Kevin Hodges showed off an “entry-level” automated program he made with open-source training tools that tried multiple attack approaches in succession.

“We need to start looking at this stuff now,” said Hodges. “Whoever you personally consider evil is already working on this.”

(Reporting by Joseph Menn; Editing by Jonathan Weber and Susan Fenton)

IBM urged to avoid working on ‘extreme vetting’ of U.S. immigrants

IBM urged to avoid working on 'extreme vetting' of U.S. immigrants

By Dustin Volz

WASHINGTON (Reuters) – A coalition of rights groups launched an online petition on Thursday urging IBM Corp to declare that it will not develop technology to help the Trump administration carry out a proposal to identify people for visa denial and deportation from the United States.

IBM and several other technology companies and contractors, including Booz Allen Hamilton, LexisNexis and Deloitte [DLTE.UL], attended a July informational session hosted by immigration enforcement officials that discussed developing technology for vetting immigrants, said Steven Renderos, organizing director at petitioner the Center for Media Justice.

President Donald Trump has pledged to harden screening procedures for people looking to enter the country, and also called for “extreme vetting” of certain immigrants to ensure they are contributing to society, saying such steps are necessary to protect national security and curtail illegal immigration.

The rights group said the proposals run counter to IBM’s stated goals of protecting so-called “Dreamer” immigrants from deportation.

Asked about the petition and whether it planned to work to help vet and deport immigrants, an IBM spokeswoman said the company “would not work on any project that runs counter to our company’s values, including our long-standing opposition to discrimination against anyone on the basis of race, gender, sexual orientation or religion.”

The petition is tied to a broader advocacy campaign, also begun Thursday, that objects to the U.S. Immigration and Customs Enforcement’s (ICE) Extreme Vetting Initiative.

In an Oct. 5 email seen by Reuters, Christopher Padilla, IBM’s vice president of government affairs, cited the company’s opposition to discrimination in response to an inquiry about the vetting program from the nonprofit group Open Mic.

Padilla said the meeting IBM attended was only informational and it was “premature to speculate” whether the company would pursue business related to the Extreme Vetting Initiative.

Booz Allen Hamilton, LexisNexis and Deloitte did not immediately respond when asked about the campaign, which also highlighted their attendance at the July meeting.

ICE wants to use machine learning technology and social media monitoring to determine whether an individual is a “positively contributing member of society,” according to documents published on federal contracting websites.

More than 50 civil society groups and more than 50 technical experts sent separate letters on Thursday to the Department of Homeland Security saying the vetting program as described was “tailor-made for discrimination” and contending artificial intelligence was unable to provide the information ICE desired.

Opponents of Trump’s policies ranging from immigration to trade have been pressuring IBM and other technology companies to avoid working on proposals in these areas from the Republican president’s administration.

Shortly after the presidential election last year, for example, several internet firms pledged that they would not help Trump build a data registry to track people based on their religion or assist in mass deportations.

IBM is among dozens of technology companies to join a legal briefing opposing Trump’s decision to end the “Dreamer” program that protects from deportation about 900,000 immigrants brought illegally into the United States as children.

“While on the one hand they’ve expressed their support for Dreamers, they’re also considering building a platform that would make it easier to deport them,” Renderos said.

CREDO, Daily Kos, and Color of Change also organized the petition.

(Reporting by Dustin Volz in Washington, additional reporting by Salvador Rodriguez in San Francisco, Editing by Rosalba O’Brien and David Gregorio)