We are beginning to see the terms “artificial intelligence” and “machine learning” popping up in a lot of places recently. They typically are used to describe software that has learning capabilities. With this advancement, many organizations are able to automate more of their business and reduce costs over time. Unfortunately, any good thing also comes with some drawbacks. In today’s blog we will introduce you to a phenomenon called data poisoning and what drawbacks it can have for your business.
What is Data Poisoning?
Data poisoning happens when someone tampers with machine learning training data. How does this happen? The same way any malware gets on your computer or network; other people set out to undermine your business through cyberattacks. In this case, a hacker will work to gain access to a machine learning database and deliberately alter incorrect or misleading information and since the system is set up to learn from the data, the corrupted data will result in AI conclusions that could be very bad for your business.
There are two main types of data poisoning attacks. The first type targets the availability of the data the Machine Learning (ML) or Artificial Intelligence (AI) reads. This is a pretty unsophisticated process. Essentially, it is just a matter of getting as much bad data into the database as possible. The other type targets the fundamental workings of the ML or AI database itself. It doesn’t so much as change the data, it leaves a backdoor into the system to let attackers manipulate the system at will. Both methods render the complex system worthless.
Why is Data Poisoning a Concern?
The simple answer is that people are using these systems more and more and leaving the success of their business in the hands of these automated systems. The efficacy of any AI or ML system is tied directly to the data that it uses. If the data is corrupt, the system will cause more problems than it will solve.
If you consider that these systems are still in their infancy, as far as business insights go, you can imagine as these systems get more sophisticated, the smallest changes to a database could completely render these systems useless. These tools are the future of business and having their usefulness soiled by cybercriminals is not a very attractive option for anyone except the hacker.
What Can You Do?
The good news is that in order to gain access to these systems, a hacker will need to break in. That means that your current cybersecurity efforts will be good enough to keep your ML or AI databases from being corrupted. You will want to keep your software updated and be sure to routinely train your employees on how to thwart phishing attacks and other scams.
Other than that, you will want to keep your firewalls and antivirus up-to-date with the latest threat definitions and keep up on it. While AI and ML-fueled software is not really commonplace yet, it will be and ensuring that your staff is on their toes is the best way to avoid any type of cyberattack.
At SRS Networks, we help California organizations be the most secure organizations they can be. If you would like to talk to one of our consultants about keeping your systems secure—whether you use machine learning or AI, or not—give us a call today at (831) 758-3636.