Artificial intelligence (AI) is transforming everything around us in ways unimaginable. It is reshaping industries, businesses, and our everyday lives. Experts believe that within the next six to twelve months, AI will generate up to 90% of code, fueling a tenfold increase in productivity. But this same surge will also drive a tenfold increase in software vulnerabilities.
The dark side of AI is that it empowers malicious hackers to launch a whirlwind of highly sophisticated, ultra-high-speed cyberattacks. AI-driven attacks, particularly those orchestrated by autonomous AI agents, operate at an accelerated pace, compressing the window for detection and response.
“AI is the greatest threat—and defense—in cybersecurity today,” according to McKinsey & Company. “Artificial Intelligence has enabled hackers to utilize AI tools to create convincing phishing emails, fake websites, and even deepfake videos, injecting malicious prompts or code,” said Eric Dresdale, Entrokey Labs president and co-founder.
Dresdale explained that this allows cybercriminals to craft personalised, realistic methods that bypass traditional detection mechanisms on an unprecedented scale.
Crime does pay
Cybercrime as a whole will cost the world $23 trillion by 2027, up from $8.4 trillion in 2022, said Anne Neuberger, former U.S. Deputy National Security Advisor for Cyber and Emerging Technologies and now an AI and Cybersecurity Advisor at Andreessen Horowitz, one of America’s most influential venture capital firms. Approximately 20% of that cybercrime will be AI-linked.
The World Economic Forum, McKinsey & Company, Entrokey Labs, and others agree that the threat is even greater with AI and quantum computing, which exploit the lack of true randomness in every smart device—from a child’s tablet, to a teenager’s mobile phone, to parents’ home computers, servers, businesses, and even government agencies, including intelligence communities.
Let’s talk Entropy—and why it is key
Before moving on to the solution against AI and quantum computing, it’s important to understand entropy—the weapon few are talking about today.
In simple terms, entropy is a measure of disorder or randomness in a system. Think of it like how messy your garage gets over time. Things naturally spread out or become chaotic unless energy is used to keep them organised.
In cybersecurity, entropy mirrors the randomness used in encryption. High-entropy encryption (more random, complex keys) makes data harder for cybercriminals to crack. Defenders rely on high-entropy algorithms to secure systems, while attackers exploit low-entropy (predictable) systems to find vulnerabilities.
As CyberSamantha wrote in her article, Quantum, Entropy, and the New Nuclear Arms Race: “Everything claiming ‘randomness’ is at best pseudo-random. Kind of, sort of random. Random enough that a human cannot detect the pattern, but a computer absolutely can.”
She made it clear: true randomness is the single most important unsolved problem in computer science. Hackers exploit this gap, and AI makes them more effective than ever.
“To be completely cybersecure, you would need true randomness—totally chaotic randomness—because that is the only thing AI cannot predict,” she explained, adding: “There’s only one company close to mastering true entropy, and that’s Entrokey—which has, in fact, already done so. Whoever controls true entropy controls the next generation of cyber defense.”
Estimating true randomness
The U.S. National Institute of Standards and Technology (NIST) relies on two basic equations and statistical data to estimate the unpredictability of bits from a source, as referenced in SP 800-63B. For example, E = log2(R^L) estimates entropy based on character set size and password length.
But NIST’s calculation of randomness—based mainly on character frequencies—has limitations. It assumes random character selection, ignoring human tendencies to use predictable patterns. It also lacks AI’s ability to analyze complex or evolving patterns.
“We’ve developed a unique software solution that uses AI to analyze the frequency and spread of character types (letters, numbers, symbols) to detect non-random distributions,” said David Harding, Entrokey Labs CEO, and co-founder. “Our system detects predictable sequences like ‘aaa’ or ‘1234,’ leverages AI’s ability to spot subtle patterns, and performs contextual pattern recognition to identify user-specific tendencies.”
This includes what Entrokey Labs calls Dictionary Attack Vulnerability testing—checking if a password resembles common words or phrases. It also applies Statistical Randomness Testing, measuring randomness against pseudo-random patterns, and Behavioral Analysis, modeling human tendencies that weaken security.
Achieving complete Entropy
“We’re scoring over 0.99 on NIST statistical entropy tests—far above NIST’s highest standards,” said Patrick Hearn, Chief Commercial Officer and co-founder of Entrokey Labs. “But more importantly, we can flag subtle, machine-detectable patterns that would weaken a key’s resilience against AI- or quantum-based attacks.”
With Entrokey’s breakthrough, the battle against AI-driven cybercrime finally has a fighting chance.