Overcoming Cyber-Attacker ROI Using Machine Learning For Offensive AI
Why You Cannot Bring A Human To A Machine Fight
Recent years have seen breakthroughs in the use of machine learning algorithms for enhancing business operations beyond the human capacity. Huge benefits have been achieved in fields like autonomous vehicles, healthcare, data analytics and others. These benefits are also being adopted by hacker groups and nation states.
Cyber attackers are always looking to improve their ROI when it comes to cybercrime, and they are extremely innovative when it comes to that. During a session at the Cyber Security Digital Summit, Darktrace director of threat hunting Max Heinemeyer demonstrated how machine learning has been utilized to allow machines to beat humans at strategy games and how this blossomed into anticipating the moves of adversaries attacking the enterprise. By employing the power of machine learning, organizations can create their own offensive cyber security.
Often simplified to Artificial Intelligence (AI), most growth in the use of algorithms in commercial environments relies of unsupervised machine learning to overcome specific challenges. Machine learning is use in everything from autonomous vehicles to personal voice assistants to recommendation engines on e-commerce websites.
Traditional data analytics has looked into the past to summarize information and produce trends in hindsight. For cyber security, instead of accumulating historical information on attacks and signatures, the objective is to gather new insights by anticipating behavior that is beyond the operational norms.
The Advent Of Offensive AI
Nation states and hacker groups gain the most ROI when they go after larger groups. This may have been coordinated efforts against 10 organizations, but with the use of machine learning, the scale of attacks is growing greatly and coordinated efforts now reach hundreds or thousands of organizations with the similar level of effort.
In the near-term, attackers are implementing machine learning on a variety of levels within the attack framework, including reconnaissance, intrusion, C2 establishment, privilege escalation and lateral movement. They are even utilizing existing knowledge bases, such as Yahoo’s NSFW image database to identify which stolen photos are the most incriminating and most valuable as a ransom.
In addition to raising awareness about the use of automation and machine learning in the cyber security department, the Cyber Security Digital Summit session addresses the following questions:
- What can be done by organizations to defend from increased automated attacks?
- What types of AI-powered attacks are occurring in the wild today?
- What machine learning algorithms will be used to make these attacks, as well as the algorithms necessary to defend against attacks?
- Recommendations for further reading on the subject