2017 saw the maximum number of distributed denial of service (DDoS), with hackers increasingly turning to sophisticated technology to take down thousands of devices. According to the SecureList report, there was a sharp surge in the number of DDoS attacks in Q3 of 2017 in China, the United States, South Korea and Russia. Reportedly, more than 450 attacks were registered in the Australian sector, and as this cost of protection increased exponentially, with six IB vendors entering into a $50 million contract with the Singapore government. Malware, phishing, spyware and DDoS attacks are just a few of the tricks where cybersecurity experts are seeing an increased usage of machine learning and advanced AI techniques. In fact, cyber attacks are getting powerful with the hackers using artificial intelligence.
According to Alex Manea, CSO at Blackberry, while 2017 was the worst year for cyber attacks, 2018 will be yet another year where the shortcuts of the past come back to haunt us. “IT departments are being tasked to manage increasingly complex networks, support new types of endpoints, and protect more and more sensitive data. Legacy systems are still rampant throughout most industries and cannot be easily upgraded or replaced. These systems often contain publicly known software vulnerabilities which can be exploited to penetrate the corporate network,” he said in a statement shared with Analytics India Magazine.
At the same time, attackers are getting increasingly sophisticated and have more incentives than ever to mount cyber attacks. From building ransomware or mounting DDoS attacks and demanding bitcoin payments, to working with organised crime and even national governments, malicious hackers have numerous ways to monetise their skills and protect themselves. Besides causing loss of sensitive data, cyber breaches also cause massive financial losses. According to a report by the Ponemon Institute, an independent information security research group, the average data breach cost $3.62 million in 2017.
So how do hackers use machine learning to bypass the system and carry out malware or DDoS attacks?
Machine Learning For Gathering Information: The use of AI has become more widespread with hackers launching noise generation attacks to weaken the automated defence systems. The first step is gathering information and getting an unauthorised access by knowing common security exploits. The more information is collected, the better the chances are of success. That is why hackers collect large amounts of data to improve social engineering techniques.
Conducting Personalised Attacks: According to a report by Information Age, hackers are using ML and AI capabilities to launch personalised attacks and are tailoring the malware according to each victim. McAfee 2018 Threat Predictions report indicates that the development in machine learning is going to turn into an arms race between the defenders and attackers since cybercriminals are also leveraging ML techniques to lower the defence of organisations.
Developers Are Developing Malware: With more and more developers developing sophisticated malware that can escape detection, even the best AI tools are failing due to the lack of maturity or precision of machine learning software. Most companies invest in expensive malware detection software but they are not selecting the right tool. Sometimes, the IT workers do not have the right tools to protect endpoints and keep the network safe. According to the HP report, hackers are essentially technicians who believe in improvising their craft with machine learning and incorporating new tools.
We have often wondered whether AI and advanced ML techniques will usher in a new era of hacking. Cyber warfare experts believe that machine vs machine could be the new normal with hackers finding ways to crack into software vulnerabilities. Even though companies are investing millions of dollars in preventing ransomware attacks, and more and more firms are using ML technologies to detect malware, the truth is that leveraging ML technology is an expensive proposition. While AI technologies can prevent phishing and malware attacks, hackers too are constantly upgrading their arsenal with ML for data theft and gaining unauthorised access into system security. Malware is said to be a bigger problem than DDoS attacks and unfortunately the same technology that is deployed by companies to prevent these attacks. That’s why ML doesn’t work efficiently enough to automate the process of blocking malware. Another downside is that tracking these attacks is often a lengthy process and companies often fail to adopt a proactive approach.