Daran habe ich gar nicht gedacht. (I did not even think about that). This was Einstein’s reaction when Leó Szilárd explained that a chain reaction in uranium could be used to produce a bomb. A letter was quickly dashed to FDR – and just six years later, the United States would detonate two nuclear weapons over the Japanese cities of Hiroshima and Nagasaki. Had the President been too busy to heed this warning, German physicists might have altered the course of history.
If Einstein were alive today, I suspect he’d be informed of a new security issue – one he would certainly recognize as requiring the immediate attention of global leaders. Specifically, advanced artificial intelligence (AI), combined with large volumes of data, can now be used to produce an awesome cyber weapon, one that will provide its owner with instant global cyber superiority. The only place where this can and will be constructed is China. (If this is news to you, then please read on).
The appropriateness of whether China should be the only country to possess such a powerful capability is perhaps for another forum. But the fact that their military will most definitely enjoy such advantage in cyber is rarely discussed by experts and barely mentioned in the media. In this note, I will explain what it takes to build the perfect AI-based cyber weapon and why China is uniquely positioned to create such a capability within six years. The following points build my case:
Recognize first, that AI can see a network as follows: It can read configuration files; it can read routing tables; it can discover connection points; it can scan for listening programs; and so on. Obviously, this data must be made visible to the AI – which is not true in most cases. Nevertheless, the data provides an image of a network, sometimes called an attack surface – and the resulting sequence of images over time enables tracking of network status – like watching a movie of a network.
Recognize second, that it is relatively easy to map networks to security outcomes. That is, suppose that the commercial or government authorities who own some network use AI to track their Internet-visible network surface. It thus becomes straightforward to time-correlate such on-going AI-views with when and how their network was vulnerable or was hacked during that period. This method is not conjecture; it is how many commercial AI tools work today on enterprise networks.
Recognize third, that performing time-correlation of vulnerabilities and hacks using AI-viewed movies is not restricted to networks: It also can be done for systems, servers, IoT devices, endpoints, applications, and so on. But this requires the authority to access such resources, a condition that is inconceivable to imagine at the national level in the United States. Citizens and businesses would sooner return to their etch-a-sketches than allow NSA to view their private data.
And recognize fourth, that the power of time-correlating vulnerabilities and hacks to AI-viewed movies is directly proportional to the amount of relevant data available. Yes – commercial tools use AI today for cyber security, but their application is limited to data from an individual enterprise. Like the blind men and the elephant, multiple AI deployments will draw different conclusions: Banks, government agencies, and power companies will not categorize viewed objects the same way.
Which brings me to China: The Chinese government has the supreme authority to centrally collect and view data of interest from their citizens and businesses. And they do this today: Just try jay-walking in Shenzen and you will get an instantaneous text from the authorities. With such deep and pervasive surveillance already in place, the potential for China to advance its cyber capabilities by using AI to watch movies of their own networks, systems, and applications is high.
The level of data access will be unprecedented: Chinese telecommunications companies will allow AI to learn about service provider attack surfaces; Chinese banks will allow AI to learn about financial services-related attack surfaces; and on and on. Such learning can be combined with the personal computing-related information from a billion-and-a-half Chinese citizens to time-correlate relevant networks and systems with observed vulnerabilities and hacks.
Which brings me to cyber security: If you can time-correlate movies of your own networks, systems, and applications with security data, then you can train an AI weapon to perform this task for networks, systems, and applications that you do not own. Such capability can then serve as the basis for a powerful offensive and defensive cyber weapon, one that can scan movies of everything on the Internet for soft spots. Translated: Chinese AI weapons will know where to attack.
Yes – I know that the obligation remains to actually perform the cyber attack – but I would estimate this to be the easiest of all tasks. Once any nation-state is alerted to where a vulnerability resides, it is an easy lay-up for their military to perform the exploit. I believe that China, Russia, America, Israel, and Britain are equally good at cyber offense today, but only China will have this massive AI-based set of hints. It will give them a strong competitive edge.
From a defensive perspective, such cyber capability will also allow for accurate labeling of inbound threats. Every Chinese business, agency, and citizen will offer a real-time movie of the cyber exploits they see hitting their systems. The AI will come to recognize attacks more accurately than any commercial tool – simply because it will have more data from which to perform the labeling. Nothing on earth will be able to match this in terms of size, scope, and volume.
Which brings me to cyber superiority: If the Chinese advance their surveillance programs at the current rate, and if AI technology continues to develop at its present rate (thanks to awesome researchers like Hinton, LeCun, Bengio, and others), then I estimate that the Chinese will have a working offensive and defensive cyber capability along the lines described above within six years. Please don’t ask for a breakdown, but I have confidence in my assertion. Six years.
It is worth noting, by the way, that the popularly-held view, particularly in America, that the Chinese can steal the intellectual property of others (and the evidence is strong that they have certainly done so with great vigor), but that they cannot innovate on their own, seems unsupportable. Many recent articles point to the significantly-increased AI budget in China, and the technical journals are increasingly being filled with contributions from Chinese researchers.
Which brings me to the United States: To address this threat, the United States would have to convince every business and citizen to participate in a well-coordinated AI data collection process. The privacy community, however, would throw up on this, as would many AI commercial vendors, and most corporate boards. NSA or DoD can fund classified research, but their training data will be biased and insufficient: Even under optimal conditions, our AI tools will be weak.
Another option might be to create a global collective of companies, organizations, and groups willing to share data in a trusted manner to allow AI tools to be sharpened. Presumably, such an effort would result in a public, open-source capability (reminiscent of ImageNet). While the likelihood of the United States and its allies agreeing to such an initiative under present political conditions is unclear, the development of a global cyber collective for AI seems worth discussion.
You also might be wondering whether cooperating with China on some joint development of a broad AI capability for cyber is a possibility. It is certainly a reasonable technical option, but given the heated rhetoric around Chinese supply chain risks, it is beyond belief to imagine that the United States would break bread with the Chinese to share AI learning-data openly with companies like Huawei. That bridge would appear to have been completely blown.
Bottom line: Within six years, all nations will be forced to accept that the Chinese possess a cyber security offensive and defensive capability that no one else can match. Every negotiation with China will have to take this new capability into account. Every cyber offensive exercise will see a uniquely effective defense from China. This will create a new world-order, and I suspect that the President of the United States, as well as other global leaders, don’t even know it’s coming.
My prayer to the world is that China will use this capability responsibly.