Washington, June 7 (IANS) Artificial intelligence is dramatically changing the cybersecurity landscape, creating powerful new tools for defence while also giving criminals and hostile states new ways to attack critical infrastructure, technology experts and lawmakers warned during a US Congressional hearing.
The hearing came days after President Donald Trump signed an executive order directing federal agencies to develop a framework for evaluating advanced AI cyber capabilities and expanding access to frontier AI models for government and critical infrastructure operators.
Experts told members of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection that AI is accelerating the discovery of software vulnerabilities, increasing the speed of cyber attacks and intensifying competition between the United States and China.
“These models are already reshaping the threat landscape, and the federal government cannot be the last to understand what they can do,” Subcommittee Chairman Andy Ogles said.
Sandra Joyce, Vice President of Google Threat Intelligence Group, said AI is already being used by cyber criminals.
“Those concerns were validated recently when we discovered evidence for the first time that AI was used to develop a zero-day exploit by cyber criminals,” Joyce testified.
She said attackers are increasingly using AI to identify vulnerabilities and move through networks faster than traditional security teams can respond.
“Threat actors are able to move rapidly before and after gaining access to a network using AI. They can take advantage of vulnerabilities faster than we can patch, and they can move rapidly through networks using autonomous agents,” she said.
Chris Meserole, Executive Director of the Frontier Model Forum, said advanced AI systems present both opportunities and dangers.
“An agent that finds zero-day vulnerabilities can protect us in the hands of a defender but expose us in the hands of an attacker,” he said.
Meserole warned that foreign competitors could use a technique known as “adversarial distillation” to replicate the capabilities of advanced AI systems while stripping away safety protections.
“Foreign actors can use distillation to accelerate their own AI development and leverage the capabilities they gain against US critical infrastructure,” he said.
Jack Cable, Chief Executive Officer of Corridor Security and a former adviser at the Cybersecurity and Infrastructure Security Agency, said AI is increasing both the scale and speed of cyber risks.
“The central challenge is not that AI creates new categories of vulnerabilities. It’s that AI dramatically increases the speed and scale at which vulnerabilities can be introduced, found, and exploited,” he said.
Cable argued that governments and companies should focus on preventing vulnerabilities before software is deployed rather than relying solely on fixing problems after they are discovered.
China emerged repeatedly during the hearing as lawmakers questioned witnesses about the growing global influence of Chinese AI models.
Witnesses warned that low-cost Chinese AI systems could become widely adopted across software development, cloud computing and critical infrastructure if the United States fails to remain competitive.
“I don’t think there’s prize for second place in the AI race, nor is there one in the quantum race,” Joyce said.
She said Chinese cyber groups have already demonstrated their ability to infiltrate critical infrastructure networks, making AI leadership a matter of national security.
Democratic lawmakers raised concerns about privacy, surveillance and civil liberties. Matthew Guariglia, a senior policy analyst at the Electronic Frontier Foundation, cautioned that AI could significantly expand government surveillance capabilities unless accompanied by stronger safeguards and transparency requirements.
–IANS
lkj/rs
