23 December 2024

Exploring the AI-ICT Security Nexus

GIACOMO PERSI PAOLI & SAMUELE DOMINIONI

Introduction

As governments, businesses, and societies grow more digitally interconnected, cyber resilience and cybersecurity strategies have become pivotal issues in safeguarding national and global stability. Artificial intelligence’s (AI) application in the information and communication technologies (ICT) domain is reshaping the landscape of both offensive and defensive cybersecurity, providing enhanced capabilities to malicious actors while simultaneously offering unprecedented tools to defenders.

In the ongoing Open-ended Working Group on security of and in the use of information and communications technologies 2021–2025 (OEWG), States are increasingly expressing concerns over threats coming from AI-enabled malicious ICT activities. In the last Annual Progress Report (APR) adopted in July 2024, AI was specifically mentioned in the Existing and Potential Threats section, where States noted that AI (as well as other emerging technologies) “could potentially have implications for the use of ICTs in the context of international security by creating new vectors and vulnerabilities in the ICT space”.

However, to support a more concrete examination of the impact of AI, both positive and negative, on the implementation of Framework of Responsible State Behaviour in Cyberspace,2 it is paramount to develop a more granular understanding of how AI is in practice changing capabilities and behaviours of both perpetrators (i.e., the attackers) and defenders during each step of malicious ICT activities.

No comments: