"NATO Tests AI’s Ability to Protect Critical Infrastructure Against Cyberattacks"

During an international experiment on AI's ability to secure and defend systems, power grids, and other critical assets by cyber experts at the North Atlantic Treaty Organization's (NATO) Cyber Coalition 2022 event late last year, researchers found that autonomous intelligence, artificial intelligence (AI) that can act without human intervention, can help identify critical infrastructure cyberattack patterns and network activity, and detect malware to enable enhanced decision-making about defensive responses.  The researchers stated that the simulated experiment saw six teams of cyber defenders from NATO allies tasked with setting up computer-based systems and power grids at an imaginary military base and keeping them running during a cyberattack.  The researchers noted that if hackers interfered with system operations or the power went down for more than 10 minutes, critical systems could go offline.  The differentiator was that three of the teams had access to a novel Autonomous Intelligence Cyberdefense Agent (AICA) prototype developed by the US Department of Energy's (DOE) Argonne National Laboratory, while the other three teams did not.  The aim of the experiment was to test and measure AI's efficiency in collecting data and assisting teams in responding to cyberattacks against critical systems and services, along with highlighting the need for tools that improve collaboration between humans and machines to reduce cyber risk.  The teams that used Argonne's AICA prototype made key observations surrounding network activity, logged events, and intrusion detection alerts, or they detected malware that enabled enhanced operator queries and automated decision-making about defensive responses.  The researchers noted that all the teams were able to keep their grids online, but that wasn't the only valuable outcome.  The researchers stated that they were able to see the network as AICA sees it, including relationships between attack patterns, network traffic, and target systems.  Agents use this information to build a knowledge graph of the network, and that helps them better protect it.  Bob Kolasky, Exiger SVP of critical infrastructure and former assistant director at the Cybersecurity and Infrastructure Security Agency (CISA), stated that the exercise shows the potential for emerging technology to be a game changer in managing risk to complex, interdependent systems.  Kolasky said that National Laboratories, such as Argonne, are bringing exquisite modeling, synthetic data, and high computing power to support critical infrastructure.  This will enable enhanced AI, and it will be important to test how AI is applied through operational concepts.  Kolasky noted that it is exciting to see NATO testing how to apply AI for critical infrastructure protection.

CSO reports: "NATO Tests AI’s Ability to Protect Critical Infrastructure Against Cyberattacks"