WIRED

This article was first published in the May 2016 issue of WIRED magazine. Be the first to read WIRED's articles in print before they're posted online, and get your hands on loads of additional content by subscribing online. For more stories from WIRED's Security issue, click here.

Last year, probably for the first time, two fully autonomous artificial intelligences went to war in anger: an attacker and a defender. The battlefield was a corporate network. And the prize? Control of the company.


For the past two years, the most advanced cyber-defence systems have used machine learning. They mimic the human immune system in that they first learn what is itself, and can then spot intruders by their actions. These advanced AIs learn autonomously, adapting to changes in corporate technology or its users, and spotting nefarious new actions.

Cyber defences may be getting more sophisticated, but so are the cyber attackers. The kind of attacks we read about every day - websites being defaced or customers' credit-card details being put on the web - are the least worrying. The real dangers are quiet and unseen, able to hijack or kill an

organisation at will. These attacks are very sophisticated. They use custom code with no signature, and cross all the boundary defences only once and never send stuff out. They may be active for 20 milliseconds a year.

Read next This CIA spy game reveals the secrets of successful teams This CIA spy game reveals the secrets of successful teams

But when commanded to act they can be deadly. What we read about today is the cyber equivalent of coming home to find your house burgled. The new threat is more akin to never realising anything has happened, yet you are under total surveillance and can be remotely given a fatal heart attack at any time.

In 2015, the power of the new deep-learning AI defences spawned a new level of attacker. These machine intelligences enter the organisation and then listen, learning how to behave, how to blend in, how to be more authentic than the real devices, servers and users. They can model thousands of authentic users and devices and bury their actions in everyday tasks. No more head-on attacks, but rather multiple tiny actions buried in normal operations.

When the concept of the AI defence was first raised, security professionals questioned if machine intelligence could handle the subtleties of a human-intelligence-driven attack. Similar statements were made by fund managers about machine-intelligence trading algorithms. Now a number of hedge-fund veterans have thrown in the towel and liquidated their multibillion funds, citing the new market run by machines. Just like the hedges, no human cyber analyst can watch so much, so fast, for such subtle traces.


The arms race is on. New systems are being announced to equip the defenders. Machines are now able to take action themselves, not just to report it. Artificial intelligences have been empowered to kick off network connections, devices and users, and wipe code faster than any human cyber analyst can manage. The defenders are now weapons live.

This is not like the wars of fiction, with killer robots firing lasers and walking across battlefields. It's a quiet, deadly stealth war in the shadows. Did the drive light on that server in that darkened data centre, or in the airliner avionics bay, flash just a moment longer than it should have...?

Mike Lynch is the founder of Invoke Capital