Experts warn that AI-driven cyber-physical attacks are on the rise.

  • The FBI Director, Christopher Wray, stated that Chinese government hackers are focusing on attacking water treatment facilities, the power grid, transportation systems, and other essential infrastructure within the United States.
  • In the lab, MIT researchers simulated cyberattacks that can ignite fires and explosions in various equipment, including motors, pumps, valves, and gauges.
  • War involves attacking physical infrastructure, and so far, nation-states have steered clear of this.

Most people imagine frozen screens, ransomware threats, and DDoS attacks when they think about cybersecurity breaches, which can disrupt connectivity for a few hours or even days.

With the increasing prevalence of artificial intelligence among hackers, there is concern that we may be entering the age of "cyber-physical attacks."

The FBI has warned Congress that Chinese hackers have infiltrated the United States' cyber infrastructure with the intention of causing harm, specifically targeting water treatment plants, the electrical grid, transportation systems, and other critical infrastructure within the U.S.

With the emergence of generative AI, concerns about physical attacks being the next phase of cybercrime have intensified, according to Stuart Madnick, an MIT professor of engineering systems and co-founder of CAMS.

More than taking a system offline

Madnick stated that he and his team simulated cyberattacks in the lab, resulting in explosions. They were able to hack into computer-controlled motors with pumps and make them catch fire. Attacks that cause temperature gauges to malfunction, pressure valves to jam, and circuits to be circumvented can also cause blasts in lab settings. Such an outcome, Madnick said, would do far more than simply taking a system offline for a while, as a typical cyberattack does.

If a cyberattack causes a power plant to stop, it will be back online quickly, but if hackers cause it to explode or burn down, it will take weeks and months to recover because many of the parts in specialized systems are custom-made. People often underestimate the magnitude of downtimes.

Although AI has enhanced the technology, it can only cause harm if three elements are present: capability, opportunity, and motivation.

"War would be declared if attacks on physical infrastructure occur, and so far, nation-states have avoided it," Madnick said.

Experts differ on the severity of the threat posed by cyber-physical attacks and the impact of AI.

The use of programmable logic controllers (PLCs) in systems is a vulnerability in the country's infrastructure, according to Tim Chase, CISO at data platform Lacework.

Industrial systems are at risk of being compromised by hackers who use generative AI to create malicious code for PLCs. Once a hacker gains control of a PLC, they can cause significant damage to industrial systems, potentially resulting in physical harm. While industrial controls are difficult to hack, Chase believes that AI provides "mid-level hackers" with the tools they need to improve their skills and pose a greater threat.

Industrial control systems can be vulnerable to attacks by individuals without the necessary skills and patience, according to Chase.

The ease of exploitation of vulnerabilities in legacy systems will increase with AI's arrival, as predicted by Chase.

As a program director and professor at Katz School of Science and Health, Yeshiva University, and CEO of cybersecurity management platform Onyxia, Sivan Tehila is concerned about the potential increase in cyber-physical attacks.

Tehila stated that cyberattacks powered by AI can occur rapidly and are intricate to identify and prevent.

Tehila, who has experience in cybersecurity and worked in the Israel Defense Forces, stated that AI is crucial in enhancing cyber defenses by analyzing vast amounts of data in real-time and identifying malicious activity, while also assisting the good guys in detecting and responding to threats more effectively.

Michael Kenney, a professor at the University of Pittsburgh and director of the Matthew B. Ridgway Center for International Security, stated that cybercriminals face risks in attempting to destroy physical infrastructure. They understand the importance of the internet and do not want to disrupt it. Terrorists, in general, tend to rely on traditional methods such as weapons and military hardware.

"If something explodes, it not only damages the nearby units but can also harm people, which is more concerning for Madnick," he stated.

by Kevin Williams
