in Cyber Security
in Cyber Security
In Cyber Security, a battle of the bots
An interesting battle was fought in a hotel ballroom in 2016, when seven autonomous bots faced off against one another in a contest to see which can best patch up cyber vulnerabilities in their machines while looking for loopholes in others.
The battle of the bots, during the year’s Darpa Cyber Grand Challenge in Las Vegas, pitted bot against bot in the first such hacking contest, reported Wired.com. In the end, their ability to find loopholes surprised watchers, who saw the remarkable speed in the way they found bugs.
Fast forward to 2018, the idea of advanced artificial intelligence (AI) being used to both defend and attack a computer system is no longer far-fetched. Indeed, as the MIT Technology Review magazine predicted, this could be the year when AI gets weaponised in a new arms race.
Traditionally, the cat-and-mouse game between cyber security experts and hackers has been played out by humans looking to outdo each other. If a hacker deploys a new way of infiltrating a system, say, through phishing e-mails sent to unsuspecting users, a cyber security expert would deploy a solution to detect any such suspicious behaviour.
In future, this could be something that is fought over by automated systems. Driven by AI, they will be faster, more adept and possibly more efficient in identifying vulnerabilities, either to exploit or to patch up.
Since 2016, cyber security firms have tapped on AI to better anticipate attacks. By working with human input, AI-driven systems have been able to predict 85 per cent of attacks. The machine learning capability has evolved since then, discovering attacks on new systems more effectively.
The bad news, however, is that hackers are also expected to tap on the wider availability of AI today to customise their attacks and penetrate systems that are well protected. These machines will learn from the continuous attempts to exploit loopholes.
Already, they can be taught to create fake messages, tempting victims to inadvertently open up their computers to a hacker. In the past, a human was more adept at this, but by scanning publicly available information, say, on social media, a machine can now churn out these messages customised to each potential victim without the manual task required in the past.
This means spear phishing, which targets a specific person in an organisation, say, an HR manager, can become easier to execute on a large scale. Currently, an online black market lets hackers find freelance writers to help customise messages to suit potential victims, but increasingly, this may be done with AI.
This arms race in AI will be worrying for many enterprises, which are already struggling to prevent data breaches. In 2018, enterprises can expect more sophisticated cyber attacks that not only probe at known soft spots but might also learn to find vulnerable areas that may not be apparent to humans.
Since most threats today are from unknown sources, the best way to detect them today is through advanced anomaly behaviour detection. The amount of data to analyse is far too huge for humans, so machines have to be deployed to automatically learn what normal network traffic behaviour is like and detect the anomalous ones.
StarHub’s Cyber Threat Intelligence service, for example, has detected numerous threats that were not previously found in known threat feeds. One proof of its success was the way the automated system picked up anomalous network behaviour two weeks before the large-scale WannaCry ransomware attack in 2017.
Moving forward, enterprises might look to combining human intellect with AI, to tip the scales in their favour. By feeding their AI defences more relevant scenarios and keeping them up to date through analysis done by human experts, enterprises could train their AI defences to be better prepared.
Ultimately, as AI becomes commonplace in everyday life, including cyber security, the onus is still on human users to be vigilant. That does not change even as AI plays a bigger part in securing an enterprise’s systems.
GDPR is coming and there's nowhere to run
Four areas of concerns to tackle before European Union's new data protection regulation sets in.
Are enterprises ready for Singapore Cyber Security Bill?
Singapore has witnessed its fair share of cyber attacks over the past few years. With the passing of Singapore Cyber Security Bill, is it sufficient to secure the enterprises? Find out more.