Will AI promise a world free from cyber-attacks? Three billion – that’s the number of users Android has amassed over the years. Of course, the number puts a smile on Google’s face, further validating its decision to acquire the former in 2005. But it is also a lucrative number for threat actors looking to push their malicious intentions to smartphone users. 

Google claims it had AI to save the day. The tech giant revealed that it is investing in multiple areas of community protection, including artificial intelligence to detect threats, enhanced privacy measures, and improved tools for developers.

This prevented 2.36 million policy-violating apps from being published on the Play Store last year. Furthermore, over 150,000 ‘bad developer accounts’ that intended to publish harmful apps were banned. 

Google is said to have used its advanced AI to improve malware detection. It revealed that “Over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play.”

This leads to an interesting takeaway. While there has been a long discourse on how AI can be a threat to online privacy and safety, how about using AI to mitigate the same? Especially more potent cyber attacks?

And it does seem like a promising method. 

It Takes Training 1Mn Models a Day to Prevent DDoS Attacks

AIM spoke to Omer Yoachimik, a senior product manager at Cloudflare, a leading cloud cybersecurity firm, to learn how AI can detect more serious cyber attacks, such as DDoS attacks. 

Yoachimik said AI and ML help them detect and mitigate traffic anomalies precisely, effectively defending against DDoS attacks. This system is built on Autonomous Edge, powered by a denial-of-service daemon (DOSD) that the company designed to mitigate DDoS attacks autonomously. 

“The data of DDoS attacks from threat intelligence-driven mitigations can be used to train AI/ML models, and vice versa. These models can point to attacks that can then be folded back into the intel,” said Yoachimik.

“However, a critical concern lies in avoiding a cyclic feedback loop, where the system reinforces false positives or flawed patterns,” he added. 

In another blog post, the company revealed that, like humans, AI is only great at spotting attacks it has seen before. One way the company solves this problem is by building a robust profile of a website’s ‘normal’ behaviour. 

Furthermore, the company said it continuously trains and updates around “one million models” per day to detect and mitigate unseen DDoS attacks. 

Cloudflare also revealed that in 2024, its autonomous DDoS systems blocked 21.3 million DDoS attacks – over 50% more than the previous year. 

“During the week of Halloween 2024, Cloudflare’s DDoS defence systems successfully and autonomously detected and blocked a 5.6 terabit per second (Tbps) DDoS attack — the largest ever reported,” added a report from the company.  

The attack took place on October 29, originating from over 13,000 IoT (internet of things) devices, and lasted 80 seconds. “It required no human intervention, didn’t trigger any alerts, and didn’t cause any performance degradation. The systems worked as intended,” said Cloudflare. 

The company also surveyed the customers affected by these attacks. While the majority of them didn’t say who attacked them, among the ones who did, 40% revealed that their competitors were the number one threat actors behind these attacks. 

“Another 14% reported that an extortionist was behind the attacks. About 7% claimed it was a self-inflicted DDoS, 2% reported hacktivism as the cause of the attack, and another 2% reported that the attacks were launched by former employees,” said Cloudflare. 

Yoachimik also revealed the prevalence of DDoS attacks in India and said that the country was the 5th and the 6th most attacked country in the world, based on the total volume of HTTP DDoS requests and total volume of HTTP DDoS bytes, respectively.

“In that same quarter, India was also the 9th largest source of L3/4 DDoS attacks (by total attack bytes) and the 11th largest source of HTTP DDoS attacks by HTTP DDoS bytes,” he added. 

The Golden Age for Cybersecurity Folks? 

If Cloudflare’s numbers are any indication, the sheer volume of cyber-attacks will continue to be a concern. Like Cloudflare’s in-house systems, organisations will certainly look to invest in more ingenious systems and techniques to mitigate attacks. 

However, organisations are facing a skill gap.  

The International Information System Security Certification Consortium (ISC2) released a survey report last year, with responses from over 15,000 cybersecurity professionals worldwide. The non-profit organisation said, “Respondents don’t believe their cybersecurity teams have sufficient numbers or the right range of skills to meet their goals.” 

The numbers revealed that almost 60% of respondents agree that skill gaps have significantly affected their ability to safeguard the organisation, with 58% revealing that they put the organisation at ‘a significant’ risk. 

ISC2 also revealed that 45% of cybersecurity teams have implemented generative AI tools, expecting to bridge the skill gap. However, two-thirds of the respondents are confident that their human expertise will complement AI tools. 

AIM spoke to Sudhakar Singh, the chief AI security officer at SAP Labs India, who said that the cybersecurity industry is expected to grow significantly. “We’ll need more specialists in AI security, not just to identify threats, but also to design effective mitigations,” said Singh. 

Beyond mitigations, cybersecurity professionals will also need to assess the risks posed by sophisticated systems like AI agents.

“Like any technical tool, [AI agents] require secure configuration and orchestration. This demands not only technical security expertise but also logical reasoning to fine-tune AI-suggested workflows. Therefore, employment opportunities in this field are expected to rise, encompassing roles that combine AI, security, and logical reasoning skills,” he added.