IT security pros in NH and across the globe are gearing up in earnest for the newest threat to corporate security: viruses, malware and similar cybersecurity attacks turbo-charged with artificial intelligence (AI).
The reason? Just as AI is remaking every other part of the digital world with applications that can think for themselves and grow smarter over time, the wonder technology is also being hijacked by hackers to imbue already dangerous cyberthreats with machine intelligence and creativity.
“We have to raise the bar now,” says John N. Stewart, senior vice president and chief security and trust officer of Cisco, regarding adding AI to the cybersecurity mix. “There is too much risk, and it is up to us to reduce it.”
Adds Eva Chen, CEO of Trend Micro, “The future threat landscape requires AI-powered protection that leverages expert rules and machine learning.”
In a survey released by Ponemon Institute in September, 25 percent of security and IT pros said they are already using AI in some way to protect their networks. And another 26 percent said they plan on deploying AI-driven security in the next 12 months.
More than 75 percent of those surveyed believe the internet of things (IoT) devices attached to their networks are not secure. And 66 percent said they have little or no ability to defend these devices from malware, viruses and the like.
“Despite massive investments in cybersecurity programs, our research found that most businesses are still unable to stop advanced, targeted attacks,” says Larry Ponemon, chairman of Ponemon Institute.
“The situation has become a perfect storm, with nearly half of respondents saying it’s very difficult to protect complex and dynamically changing attack surfaces, especially given the current lack of security staff with the necessary skills and expertise to battle today’s persistent, sophisticated, highly trained, and well-financed attackers,” Ponemon says.
“Against this backdrop, AI-based security tools, which can automate tasks and free up IT personnel to manage other aspects of a security program, were viewed as critical for helping businesses keep up with increasing threat levels,” he says.
A study authored by a number of experts from the Center for New American Security, the Electronic Frontier Association and similar organizations concludes that AI in the hands of black-hat hackers will make cyberattacks on companies and organizations easier in 2019 and beyond, and will broaden the type and number of possible hacks a business can suffer.
More Effective Attacks
Meanwhile, AI is also expected to make attacks against companies and organizations more effective, precise and untraceable.
Of special concern is the possibility that black-hat operatives may use their AI to infiltrate facial recognition systems embedded in the computer networks of companies and organizations.
The report’s laundry list for anticipated attacks goes on to warn that companies may use AI-driven hacking to poison the databases of competitors or completely destroy the supporting database architecture of a competitor.
Plus, the entire IoT, a network linking not just computers but machines and home appliances, is mostly child’s play for AI-driven attacks, according to the report. Many if not most of the devices that compose the IoT are unprotected, sporting easy-to-guess passwords often issued by manufacturers and never changed by the users who buy the devices.
Also at special risk are small and medium-size businesses, whose networks are easily compromised. Hackers know that these businesses serve as a back door into networks of larger vendors, suppliers and customers. Large corporations are not as vulnerable, as they have upped their game considerably during the past few years regarding cybersecurity.
Tools to Combat Threats
Currently, AI security is being used to look for suspicious activity on a network, analyze activity often in milliseconds, and neutralize the cause of that activity—usually originating from a rogue file or program—before it can do any damage.
This approach differs from traditional IT security, which has been focused more on identifying specific files and programs known to bear threats.
Each time these AI tools detect suspicious activity, the tools learn from the experience and get better and faster.
AI tools—if used simultaneously with numerous companies on the same IT cloud—can often instantly transmit knowledge of a new threat across the entire cloud, ensuring that if one company is hit first, other companies can be instantly protected.
Cybersecurity pros say the threat of AI-driven viruses, malware and similarly dark IT tools is limited at the moment, given that the expertise and learning curve needed to create and deploy AI security threats is steep.
On the downside, AI cybersecurity tools are still so new, they acquired a reputation for triggering too many false positives. Even so, spending some time to at least get acquainted with the latest in AI-driven cybersecurity is considered mandatory by many cybersecurity experts.
Here’s a representative sampling of AI-driven cybersecurity tools:
Darktrace Antigena
darktrace.com/products/
Antigena continually studies your computer network for suspicious activity and automatically neutralizes threats without depending on human intervention. Core to its function is being able to block threats without disrupting everyday business processes.
IBM QRadar Advisor
ibm.com/us-en/marketplace/cognitive-security-analytics
QRadar relies on IBM’s famous Watson technology—the computer that became a Jeopardy champion on TV a few years back—to investigate threats and suspicious computer files and neutralize those that could compromise a computer network.
Sophos Intercept X
sophos.com/en-us/products/intercept-x.aspx
Intercept X uses AI behavioral analytics to continually study the behavior of how malware, viruses and other cybersecurity threats execute. The premise behind the protection is that Intercept X focuses on suspicious behaviors in your computer network, rather than what a file may look like.
Symantec’s Targeted Attack Analytics (TAA)
symantec.com/about/newsroom/press-releases/2018/symantec_0415_01
TAA uses AI to study the characteristics of new viruses, malware and other cybersecurity threats as they emerge in the databases Symantec protects for numerous clients. One of the primary advantages of this approach is that a virus that crops up at one business can subsequently be caught before it deploys at the next business Symantec protects.
Vectra’s Cognito
vectra.ai/cognito-platform
Cognito continually gets smarter over time at detecting and eliminating cybersecurity threats using machine learning, data science and behavioral analytics.
Joe Dysart is an internet speaker and business consultant based in Manhattan. For more information, visit joedysart.com.
Current Issue - April 2024