How AI is helping in tackling dark web's cyber threats
The dark web, a notorious hub for cybercrimes including malware distribution, data breaches, ransomware services, and phishing kits, is now being monitored by artificial intelligence (AI). This technology is being utilized by law enforcement agencies, governments, and corporations to detect potential threats. The global market for dark web threat intelligence is projected to reach $1.7 billion by 2030, due to an increase in digital threats.
Flare introduces AI-driven monitoring solution
In response to the growing dark web market, companies like ZeroFox, CrowdStrike, Digital Shadows, Flare, IBM X-Force are investing in AI for advanced dark web monitoring technologies. Flare has recently launched Threat Flow, an innovative AI-driven solution for dark web surveillance. Mark MacDonald from Flare explained that their system uses natural language processing (NLP), for tracking threat actors and large language models (LLMs) for identifying high-value posts.
Threat Flow's functionality and potential misuse
Threat Flow categorizes every dark web forum thread across the most high-value dark web forums. The language models summarize the threats and allow easy navigation through various forum conversations, enabling customers to seamlessly identify high-value dark web intelligence. However, MacDonald acknowledged that while it's unlikely cybercriminals could benefit from reverse engineering their technology, there is a possibility of threat actors using AI to better detect "undercover" law enforcement agents and ban them from the platform.
AI's role in monitoring and human expertise
Shawn Waldman from Secure Cyber highlighted that AI enhances dark web monitoring through speed and efficiency, performing deeper dives and correlating data from various searches. However, he also emphasized the importance of human expertise in this process. MacDonald echoed this sentiment, stating, "AI acts as an enabler to humans, helping them identify relevant information faster, find context more quickly, and prioritize the right events."
AI-driven dark web monitoring surpasses traditional methods
Traditional dark web monitoring involves analysts using keywords, to identify relevant posts across vast dark web databases. But with AI, analysts can narrow down the search to specific events or elements that match customers' interests, MacDonald explained. For instance, Threat Flow adds a layer of language models to the dark web collection to allow what the company calls 'in-context semantic search.' Thanks to this enhancement, the AI identifies highly relevant results that traditional keyword searching could never find.