Fully autonomous botnets comprised of AI-enabled smartphones equipped with neural processing units aren't a realistic threat in the immediate future, Avast Research Director Martin Balek told AndroidHeadlines. While "technically possible," such networks of compromised devices capable of conducting intelligent hacking attacks won't be achievable on a massive scale in at least "one or two years," Mr. Balek said, citing a wide variety of obstacles that are presently preventing hackers from creating AI threats. The primary reason for that state of affairs is the technically challenging nature of designing a fully automated AI botnet, the industry veteran believes, pointing to the 2016 DARPA Cyber Grand Challenge as one example illustrating that claim. Intelligent hacking platforms that leverage the NPUs of numerous compromised devices are still an unknown in the sense that the manner in which such convoluted systems are supposed to be designed isn't "common knowledge," Mr. Balek said.
Avast's security researcher also noted that consumer electronics may still not be powerful enough to actually allow for entirely automated botnets, adding that cybercriminals are likely waiting for the technological barrier to such attack vectors becomes "significantly lower than [it is] today." Mr. Balek also pointed to the relative scarcity of NPUs in contemporary mobile devices, saying that their "massive misuse" is presently unfeasible due to the fact that AI chips are currently only found inside select flagships. As the vast majority of cybercriminals target the most widespread hardware based on a cost-effort calculation, they still aren't inclined to even attempt working on attacking NPU-equipped devices given how a hypothetical AI botnet solution would likely have a smaller impact than a traditional botnet while being significantly more costly to create, Mr. Balek suggested. Ultimately, even as NPUs become a more common smartphone component moving into the next decade, the misuse of such technologies will probably debut in a manner that's much more limited in nature than a botnet is, Avast's security expert said, adding that single-purpose computational platforms such as malicious cryptocurrency miners are more likely to end up being the initial manifestations of mobile NPU misuse.
While artificial intelligence-enabled smartphone botnets may not be compromising any infrastructure on a large scale until the next decade, botnets themselves are already a significant issue in the mobile and IoT segments. IoT companies in particular are yet to embrace an entirely universal set of security standards and even though individual platforms such as Google's Android Things are promising to address those concerns, it remains to be seen whether they eventually end up enjoying widespread adoption.