 עטקר unc surveillance can craft their cyber attacks to achieve their goal. לונשאי בסיבר-ארס-טק is very difficult, especially when the defenders are using AI to try to catch the attackers. The attackers needs to find new ways how to launch their attacks so they will not be detected by the defenders. AI aims to create intelligent machines. Machine learning is the most widely used AI tools in cybersecurity, while AI can help us to create intelligent detection systems. בהתק דולה האשרות, ה-EI עשי עשי זה עליהvez, וזה עשי בעורתי שוב כזה עשי אשר בקטנה מהפעמים. As you will see next. To understand how modern cyber-attacks look like, let's talk about the cyber kill chain, defined by Lockheed Martin to describe the different phases of an advanced cyber-attacks. These phases are translated by the attackers to a sequence of actions that they perform in order to achieve their goals. From the cyber attacker perspective, cyber attack cost must be lower than the expected benefit. This is the reason why AI is so attractive to attackers, because it can help the attackers to create cheaper attacks and much more scalable attacks, as you will see during the rest of my talk. First of all, during the reconnaissance phase, the attackers try to collect as much information about the target as possible, usually from open sources. AI can help the attacker to crawl the web and social media and to identify a specific individual that possesses a confidential document. We are going to try to attack this person to obtain this document. Next, the attacker enters the intrusion phase. In this phase, usually it's based on social engineering, where the attackers try to fool somebody inside the organization. AI can be used to pinpoint an individual inside the organization that is most susceptible to social engineering. We are going to attack him first. Then, what the attacker wants to do is to try to identify a vulnerability and exploit it in order to enter inside the organization. An AI tool named Fuzzing can be used to try to identify new vulnerabilities in systems that are being used by the system that we want to attack, by the organization that we want actually to attack. Next, the attacker is inside the organization and he wants to elevate his privileges. AI can help the attacker to identify security weaknesses performed by the IT personnel inside the organization and by that, to try to increase its privileges for the attacker will be able to do much more inside the organization. Then, when the attacker is rooted inside the organization, he will try to navigate toward the target. In this case, AI-recommended system can help the attacker, first of all, to derive the attack graph, analyze the attack graph and then to recommend how to get inside the target inside the organization that he actually wants to attack. Then, the attacker is very, very happy. He has a malware inside the target organization, but he wants to communicate with it. So, the malware needs to connect to the commander control server of the attacker. In this case, AI can help the attacker to establish new methods of how to connect the malware to the commander control server under the control of the attacker. Throughout the entire attack, authentication needs to be used by the attacker to hide its traces, so nobody will be able to detect it. In this case, AI can help the attacker to test all the attack's tools against the defense mechanisms and recommend how to recraft them so they will not be detected during the cyber attack. Usually, in the target organization, include many, many files, and the attacker needs to pinpoint and to analyze all these files to know what to leak outside. AI can help the attacker to analyze all these files and to recommend on which files, it is important to the attacker and which files to exfiltrate. When the goal of the attack is to demand ransom in order to unlock an encrypted file, in this case, AI can aid the attacker and tell him when to encrypt a file and which files to encrypt, so he will not be detected during a ransomware attack that is actually launching against the victim. When the attacker actually possesses a big botnet and he wants to run an attack against a specific target, AI can help the attacker to optimize the launching of the botnet, how to use these bots to attack a target and to achieve a distributed Null of Service attack against the victim. To conclude, attackers are going to increasingly use AI because it can lower the cost of cyberattacks. Attackers are going to use AI to find new ways how to create stealth attack that can bypass all the existing cybersecurity mechanisms. Thank you.