From deep learning neural networks to artificial intelligence-based facial recognition, artificial intelligence has taken leaps and bounds in 2016.
Virtual assistants and autopilot driving services are already influencing our lives, and the pace of innovation is frightening to some – but exciting for others.
But if you work in cyber security, these advances also herald more challenging times ahead. Cyber security is already one of the top business risks today, and adding artificial intelligence (AI) to the hacker’s already-sophisticated toolkit will make the job of defending against cyber attackers harder still.
Modern hackers don’t just target governments or large organisations – they can infiltrate any network activity and impact public services and individuals too.
As technology dominates more and more of people’s lives, and the Internet of Things is making them more connected, humans become more vulnerable than ever before. By manipulating AI for their malicious ends, cyber attackers are starting to take advantage of these new vulnerabilities.
Signalling the trend toward AI-based attacks is the new and disturbing threat known as ransomware, an automated attack that encrypts sensitive data and requires payment for its release.
In the US, there have already been reports of ransomware attacks against organisations ranging from banks to hospitals. In February, Hollywood Presbyterian Medical Center in Los Angeles was forced to pay the equivalent of $17,000 in Bitcoin to recover access to their computers and patient records.
Ransomware attacks are vicious, moving at machine-speed without a threat-actor directing its spread. Yet they are only the tip of the iceberg when it comes to automated attacks. Today we have started to see the beginning of AI attacks that observe, learn and blend into the background of complex environments.
Imagine a piece of malware sitting quietly on a hospital network. It observes the normal network patterns and traffic and learns to blend in with the noise of the network, undetected. Every month, for just a millisecond or two, the malware alters sensitive data, but the security team has no way to know which piece of data was changed. The scenario swiftly undermines trust in the entire system, erodes data integrity, and risks patient care.
From ransomware to AI, cyber attacks are growing in ingenuity and prevalence. With speed and stealth, new threats slip through the defences of traditional security approaches and tap away at sensitive data under the radar.
It’s not simple data theft anymore – attackers are now capable of exploiting fingerprint scanners in manufacturing plants, or infiltrating video-conferencing systems to remotely capture video from confidential meetings. It is clear that today’s attackers are fearless, and no organisation, no matter how large, is immune.
But as cyber attacks become more innovative, so do cyber defences. With cyber-threats now jeopardising all aspects of people’s lives, security cannot afford to be an afterthought. Businesses in particular need to prepare themselves with a fundamentally new approach.
Many organisations are now turning to automated systems – such as so-called ‘immune system cyber defence’ – which use cutting-edge machine learning to establish a ‘pattern of life’ for every network and device, thus user-enabling the technology to detect anomalies in a network and identify previously unknown threats in real time.
Inspired by the human immune system, this approach doesn’t rely on prior assumptions, and it secures the network from the inside, just like the human body does. Immune system technologies learn ‘self’ for a network, and they constantly evolve as the organisation grows.
When AI attacks hit, not only can the immune system approach detect the threat, it can also strike back by taking measured and precise action to mitigate the situation.
In the ever-evolving world of technology, it is becoming clear that machine-based attacks are too fast moving and sophisticated for humans to keep up. AI has become a cyber weapon, and cyber defence an arms race.
Self-learning defence technology based on the ‘immune system’ concept will be a critical tool in this new battle for control of our networks.
Sourced from Dave Palmer, director of technology, Darktrace