We frequently ask members of the OODA Network for insights into the environment. In this post we get the views of Robert Shaughnessy on the dynamics around AI, national security and critical infrastructure with a focus on near term developments.
In the ever-changing arena of national security, especially in critical infrastructure, the next two years are poised to witness a transformative phase. This is especially true for defense and resilience of critical infrastructure in the realms of cybersecurity, terrorism, and aging infrastructure. Artificial Intelligence (AI), encompassing both Large Language Models (LLMs) and traditional machine learning, is likely to be exploited by adversaries and wielded by defenders. We predict a dualistic evolution of AI capabilities and propose strategic frameworks for its application in safeguarding and enhancing critical infrastructure against an array of challenges, including cybersecurity threats (both IT and OT cyberphysical security), terrorism (both foreign and domestic), and the impacts of aging infrastructure.
The landscape of national security and the approach to critical infrastructure defense and resilience in the United States has been continually evolving. From the Cold War era’s focus on espionage and nuclear threats to the post-9/11 emphasis on counterterrorism, each period has had its distinct challenges. Today, the digital revolution and the rise of domestic political extremism have introduced new complexities. Critical infrastructure, the backbone of national well-being and security, faces diverse and evolving threats foreign and domestic. In this dynamic landscape, AI has emerged as a key tool, offering innovative solutions, and posing new challenges.
Historical Context and AI’s Emergence
Critical infrastructure has long been a target for various threats, with the last few decades witnessing a significant shift due to technological advancements. The journey of AI in national security can be traced back to its nascent stages when it was primarily a theoretical concept with limited practical application. Early AI in the form of basic machine learning algorithms began to find its place in the 1990s, primarily used for data analysis and pattern recognition in intelligence gathering.
In cybersecurity, the initial role of AI was largely confined to basic anomaly detection. Algorithms were employed to scan for unusual network activities, flagging potential threats for human analysis. For instance, early forms of Intrusion Detection Systems (IDS) utilized basic AI to identify known malware signatures. These were the foundational steps in IT cybersecurity, helping protect data and digital assets. Meanwhile, in operational technology (OT) systems, which control physical processes in infrastructure such as power grids or water treatment plants, early AI was limited to predictive maintenance, flagging potential mechanical failures.
In counterterrorism, AI initially served to sift through large volumes of intelligence data, aiding in the identification of potential threats. These applications were rudimentary but set the stage for more sophisticated future uses.
In the context of managing and operating infrastructure, initial AI applications were modest, primarily focused on predictive maintenance. Early machine learning models analyzed patterns in equipment failures, helping to schedule maintenance more effectively.
Current Applications of AI in Critical Infrastructure
Today, AI’s role in protecting and optimizing critical infrastructure has grown exponentially, becoming more nuanced and impactful.
In IT cybersecurity, AI, especially advanced ML and LLMs, has become central to defensive strategies. AI now drives complex systems that monitor network traffic, detect anomalies, and respond to threats in real time. For instance, AI algorithms can identify patterns indicative of a cyberattack, such as the unusual outbound traffic that might signify a data breach. In OT cyberphysical security, AI has become integral to protecting systems against attacks that could have direct physical consequences. For instance, the 2010 Stuxnet attack on Iran’s nuclear facilities marked a significant shift, demonstrating how cyber-attacks could have real-world, physical consequences. The 2015 attack on the Ukrainian power grid, where hackers caused widespread blackouts, underscores the importance of AI in detecting and responding to such threats. The domain of cybersecurity has transformed from the relatively isolated incidents of the early internet era to sophisticated attacks targeting both information technology (IT) and operational technology (OT) systems. Examples like the SolarWinds breach and the Colonial Pipeline attack underscore the increasing severity of these threats.
The terrorism landscape, foreign and domestic, has also evolved. From the focus on international terrorism post-9/11, there has been a significant shift towards the threat posed by domestic groups, as illustrated by events like the 2021 Capitol riot. These groups now use tactics previously associated with international terrorist organizations, often leveraging technology for coordination and propaganda. AI’s role in combating terrorism has expanded beyond data analysis to proactive monitoring and intervention. AI has become a powerful tool for intelligence agencies and law enforcement. LLMs, with their advanced natural language processing capabilities, are used to sift through massive datasets, including social media, to detect signs of radicalization or planning. These models can understand context and nuance in human communication, significantly enhancing surveillance and monitoring capabilities. Modern AI systems can also, for example, analyze drone footage to identify potential terrorist activities or track online communications for signs of radicalization. This is particularly crucial in tackling both foreign and domestic terrorism, where the nature of threats ranges from organized international networks to lone-wolf domestic actors.
A critical but often overlooked aspect of national security is the state of the nation’s infrastructure. The American Society of Civil Engineers reports that much of the U.S.’s infrastructure, from bridges to water systems, is aging and in need of repair. This aging infrastructure is not only more susceptible to breakdowns but also increasingly vulnerable to sophisticated cyber-physical attacks, as seen in the 2013 sniper attack on the Metcalf Energy Center in California, which highlighted the physical vulnerabilities of critical infrastructure.
The challenges of aging infrastructure have also seen AI play a transformative role. For aging infrastructure, AI and ML have advanced to not only predict when parts might fail but also optimize the operation of systems. AI algorithms are now integral to managing complex infrastructure networks, from power grids to water systems, enhancing efficiency and resilience. Beyond predictive maintenance, AI now aids in the optimization and modernization of these systems. For example, AI algorithms can manage energy distribution in a city’s power grid, adapting in real time to changes in demand or supply, thus reducing the strain on older systems and extending their operational life.
Future Predictions (2024-2026)
In the next two years, AI’s role in critical infrastructure is anticipated to become even more crucial and sophisticated.
Looking forward, the sophistication of both IT and OT cyber-attacks is expected to increase. With advancements in AI, we might see the emergence of AI-powered cyber-attacks that are more adaptive and challenging to detect. For example, AI could be used to develop malware that learns from its environment, making traditional defenses obsolete. Concurrently, AI is also expected to play a more significant role in cybersecurity defense. AI-driven systems, through machine learning algorithms, will likely become more proficient at detecting and neutralizing threats in real-time, and predictive analytics will become crucial in identifying potential vulnerabilities in both IT and OT environments.
In the realm of terrorism, the threat landscape is likely to continue evolving. Foreign terrorist organizations might increasingly leverage technology, including AI, for recruitment and propaganda dissemination. Moreover, the potential use of AI-driven autonomous systems in terrorist attacks could emerge as a new threat vector. In defense, AI’s predictive capabilities are likely to advance, offering more accurate forecasts of potential terrorist activities and enabling preemptive action. The use of AI in analyzing social media and other digital platforms will be instrumental in identifying and countering domestic terrorism threats. We might see the development of more advanced LLMs capable of detecting subtle signs of extremist activities online, potentially even predicting and preventing attacks before they occur.
AI’s role in managing aging infrastructure will likely focus on adaptive solutions. AI could be used to retrofit older systems with smart technologies, improving efficiency and resilience. For example, AI might enable an old bridge to monitor its own structural health in real time, alerting engineers to potential issues before they become critical. AI and ML will play a critical role in not just maintenance but also in adaptation, helping to retrofit old systems to better withstand modern threats, including cyber-physical attacks. AI’s predictive capabilities will be essential in anticipating and mitigating the impacts of these threats.
Conclusion
In 2024 and beyond, the integration of AI into the United States’ national security strategy represents a pivotal shift in addressing evolving threats. As this technology continues to advance, its strategic and ethical implementation will be crucial in safeguarding the nation’s security interests. The future of national security will increasingly depend on the sophisticated interplay of AI technologies across various domains. AI stands as a vital component in the ongoing effort to protect and optimize critical infrastructure against a variety of threats. Its evolution from a supportive tool to a central element in strategic planning and response underscores its significance. As AI continues to advance, its strategic integration, balanced with ethical considerations, will shape the future of how critical infrastructure is managed and protected. Developing secure AI algorithms, resistant to adversarial manipulation, and fostering collaboration across government, industry, and academia will be essential. Additionally, educating the public about AI’s role in security and its potential threats will be crucial in building a resilient and informed society.
