Cybersecurity in the Age of AI

As we are reaching a new frontier with various kinds of technologies, more and more of our personal information is being sent and kept online, sometimes even without us knowing. Therefore, forms of hacking and phishing has become incredibly catastrophic because more and more extremely sensitive information are being obtained by each hack. In the past couple of years, cybersecurity has become a critical issue that all businesses and governments are talking about. Especially in the era of big data, artificial intelligence (AI), and machine learning (ML), cybersecurity is becoming a very hopeful yet worrisome field that is challenging many scientists, administrators and more.

“Cybercriminals need to get it right only once. Cybersecurity needs to get it right every single time.” This is the most important rule that the whole cybersecurity industry abides by. If you wait until the hackers to break through your firewall to react, it would be your organization’s worst nightmare. Although we hear about scandals of data leakage all the time on the news, many companies and organizations are still lagging on their cybersecurity systems. In a 2018 survey sponsored by Tripwire, a IT company specializing in security and compliance automation, only 11% of respondents believe their organization tracks all hardware devices on their networks, and only 21% say their organization track more than 90% of their software, while 56% track less than 70%. Many of the organizations also have constant problems with enforcing configuration settings, requiring changing default passwords, and deploying cybersecurity benchmarks such as CIS (Center for Internet Security) or DISA (Defense Information Systems Agency) guidelines.

INSIDE-Tripwire-state-of-hygene-graphic

Approximately how many of the devices connected to your organization’s
network do you have tracked in an asset inventory?

 

However, cybersecurity is becoming a more frequently discussed topic at many companies with the rise of AI and ML. By feeding a huge amount of data of both legitimate and malicious files into the computers, the machines can come up with an algorithm that can distinguish hackers and phishing sites using the data about that file or the URL of the access endpoint. In doing so, organizations can avoid the mistake of neglecting potential threats that human analysts might make. A distinct characteristic of hackers is their ever-changing means of attack. What AI can do is to keep developing new algorithms that have been perfected through never-ending streams of data. Another popular technology in the making is called learning-based log processing. It is a multilayered approach to threat assessment, based on a file’s static attributes, dynamic behaviors, and its relationships with other files. Basically, through machine learning, computers can be taught to discern abnormalities in data instead of simply (though not so simply) following a developed algorithm.

BlackBerry-Cylance-1088x725.png

A recent acquisition of Cylance Inc. (a private artificial intelligence and cybersecurity company based in Irvine, CA) by BlackBerry proves the importance of cybersecurity as an industry and the important role that AI plays in it. Nowadays, security is not a plus, but a must. As explained by John Chen, the CEO of BlackBerry, securing endpoints and the data that flows between them is absolutely critical in today’s hyper-connected world. By adding Cylance’s AI technology to BlackBerry’s cybersecurity solutions, it will be able to accelerate the development of BlackBerry Spark (the IoT platform for secure communications) and better connect, protect, and build secure endpoints that users can trust.

Unfortunately, with the wider deployment of AI in security systems, cybercriminals also saw the potential in ML-based technologies. By reinventing and improving previously seen automation used to generate new variant of older malware, the attackers can create new malware that consists of a mix of old and new variants which makes it harder to be detected. Also, they can create new spam and phishing content using ML to mimic previous successful campaigns. Just like how organizations can used AI technologies to enforce stronger security measures, the hackers can do the exact same to their own infrastructure to prevent their malware from being detected and hijacked. In the worst case when it does get caught, the ML-based malware can even automatically activate its self-destruct mechanism, thus avoiding detection and rendering further analysis impossible for organizations. The malicious possibilities using ML is almost countless, with many other examples such as mimicking legitimate network, increasing the speed of the attack etcs.

A1MAIN-aicyber-072318.jpg

AI-driven cybersecurity is a double-edged sword.

A familiar example of the use of AI in cyberattacks is spam emails/messages. For the past many years, English was the only language that had spam with decent grammar and style. Spam in most other languages looks like the work of a child, with broken sentences and contexts that didn’t make any sense. However, with the “help” of ML, these emails look not much less professional than any of the invoices you get from your clients, which can steal your confidential information in a matter of seconds.

spam email old

Old Spam Email: Broken Grammar and Language Style.

spam email new

New Spam Email Driven By ML: Professional and Trustworthy.

While it is still unclear if there will be a more positive or negative impact of integrating AI technologies into cybersecurity systems, this new ML-based mechanism definitely opens up new possibilities for organizations to strengthen their defense in think big data era. By educating themselves, companies can begin to explore the countless opportunities in AI and possibly be benefitted immensely by acting fast in protect their organizations.

 

Sources:

https://www.information-age.com/blackberry-acquisition-cylance-ai-cyber-security-123479444/

https://fedtechmagazine.com/article/2019/02/ai-machine-learning-and-need-innovation-cybersecurity

https://www.itworldcanada.com/article/many-organizations-still-ignore-basic-security-survey-suggests/407845

https://www.welivesecurity.com/2019/02/22/ml-era-cybersecurity-step-toward-safer-world-brink-chaos/

6 thoughts on “Cybersecurity in the Age of AI

  1. Blackberry’s acquisition of Cylance makes me wonder how Apple handles the cyber security across their devices? Your quote “cybersecurity needs to get it right every time” is very telling; even though it seems like a hot topic, cyber security is still undervalued in my opinion. Great blog!

    Liked by 1 person

  2. Great post! Your comment on hackers also being able to use AI to come up with better and better hacks makes me wonder if there could be a sort of AI arms race between hackers and cybersecurity professionals. As more and more data is stored by companies, cybersecurity becomes increasingly important. It should be interesting to see if cybersecurity professionals are better able to make use of AI or if hackers will get the upper hand.

    Liked by 1 person

  3. Nice post! Cybersecurity is a huge area of untapped expertise in my opinion. It will be very interesting to see how AI can help with the advancements of cybersecurity, do we need real people to help prevent attacks or can programs protect better against them? I also think that Blackberry is trying to make a comeback by coming through the cybersecurity realm since they can’t keep up with the new smart phone race.

    Liked by 1 person

  4. Great post! Cybersecurity is so important and I don’t think it is a surprise. When I was on a flight about 7 years ago, I sat next to someone who worked at Apple. I asked him that if there was one industry, skill, or application to focus on that will be extremely relevant in the future. He said cybersecurity. I think he was right.

    Liked by 1 person

  5. Great post! So much of our lives are online now that it’s downright irresponsible for a tech company to not be taking online security measures. I had the opportunity at one point to talk to someone who worked in Microsoft’s cyber security division and he basically said that his team has to assume at any moment every aspect of Microsoft’s online presense is under attack not just by individual hackers but by foreign governments and other more sinister agencies. Hopefully AI will help us combat this more than it will cause harm.

    Liked by 1 person

  6. The lab I work in uses a website called Basecamp to communicate, which quite recently was the target of a password attack. Thankfully they stopped it, but an update they sent out led me to reading about how easy it is to hack passwords. With massive databases of hacked passwords available, hackers have a lot better than random chance– especially if users, like me, have been known to re-use passwords. There’s a really cool website (https://haveibeenpwned.com/) that lets you check if your passwords are in any of the leaks. It’s really interesting to me because it’s almost a weakest link problem– if one company has great cybersecurity but it shares users with another that doesn’t, it’s much harder to protect data.

    Liked by 1 person

Leave a Reply to Michael Nelson Cancel reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s