Adam Kujawa, Director of Malwarebytes Labs, has been contemplating the evolution of malware attack and defense, attempting to work out strategies to stay ahead of cybercriminals in what has always been a technological game of leapfrog.
While malware has continued its trajectory of increasing stealth and persistence, defenders currently have the edge with their introduction of artificial intelligence (AI) and machine learning (ML). Meanwhile, the criminals have adapted their methodology by seeking to ‘fly under the radar’ of defense systems, and to add persistence to their infiltrations.
Read more about Adam Kujawa’s view on the evolution of malware attack and defense on SecurityWeek.
The year 2018 saw a proliferation of high-profile data breaches and phishing attacks, and 2019 will undoubtedly involve more of the same, along with several new and evolving enterprise cybersecurity threats, according to a new report from BeyondTrust.
“As in any cyber defense strategy, BeyondTrust first recommends getting the basics right,” Morey Haber, CTO at BeyondTrust, said in a press release. “Securing your privileged accounts, eliminating excessive user privileges, ensuring secure remote access to critical systems, prioritize patching the vulnerabilities with known exploits, and reporting, reporting, reporting.”
Read more about the findings of the BeyondTrust report on TechRepublic.
Artificial intelligence has the potential to bring a select set of advanced techniques to the table when it comes to cyber offense, researchers say. According to Darktrace (.PDF) researchers, the current threat landscape is full of everything from script kiddies and opportunistic attacks to advanced, state-sponsored assaults, and in the latter sense, attacks continue to evolve.
However, for each sophisticated attack currently in use, there is the potential for further development through the future use of AI. Within the report, the cybersecurity firm documented three active threats in the wild which have been detected within the past 12 months.
Read more about the findings of the report on ZDNet.
Earlier this month, when Nikki Hayley, the US Ambassador to the UN, described China’s subjugation of Xinjiang’s Uighurs as being “straight out of George Orwell”, she pretty much nailed it. Xinjiang is a state surveillance laboratory, with unconstrained deployments of early-stage, commercial technologies being used to suppress an ethnic minority.
Upwards of a million people forced into re-education camps. Police checkpoints. Facial, iris and license plate recognition. Geofenced travel restrictions. Biometric registration. GPS tagging. Blanket video surveillance. And, of course, mandatory communications monitoring. This is the reality of a high-tech surveillance state.
Read why Forbes’ Zak Doffman believes that China has opened AI’s Pandora’s Box in Xinjiang, and why we should fear the developments there, on Forbes.
Artificial intelligence (AI) is poised to impact every industry in the near future—including the lucrative business of malicious hacking and the cybersecurity industry working to defend against those attacks.
Enterprise IT and security professionals recognize AI’s potential in cybersecurity, according to a new report from Neustar: 87% of the 301 senior technology and security workers surveyed agreed that AI will make a difference in their company’s defenses. However, 82% said they are also afraid of attackers using AI against their company, the report found.
Read more about the findings of the Neustar report on TechRepublic.
Early adopters of artificial intelligence (AI) have seen significant returns and successes, according to Deloitte’s new State of AI in the Enterprise report. The majority (82%) of AI adopters cited positive returns on their investments (ROI), according to a press release. The report surveyed 1,100 US executives who have or plan on adopting AI.
When considering the impacts of AI, respondents cited cybersecurity as the top concern when it comes to executing AI projects. Some 32% of businesses professionals have experienced an AI-related breach within the last two years. In fear of more cybersecurity infiltrations, 30% of respondents have slowed initiatives, and one in five have opted to not launch an AI initiative.
Read more about the findings of the new report on TechRepublic.
Despite heightened interest in enterprise deployment of artificial intelligence, only 40 percent of respondents to ISACA’s second annual Digital Transformation Barometer express confidence that their organizations can accurately assess the security of systems based on AI and machine learning.
This becomes especially striking given the potential for serious consequences from maliciously trained AI; survey respondents identify social engineering, manipulated media content and data poisoning as the types of malicious AI attacks that pose the greatest threat within the next five years.
Cybersecurity has become a race between white hats and threat actors. Artificial intelligence (AI) has been touted as a potential solution which could learn to detect suspicious behavior and stop cyberattackers in their tracks. However, the same technology can also be used by threat actors to augment their own attack methods.
According to IBM, the “AI era” could result in weaponized artificial intelligence. In order to study how AI could one day become a new tool in the arsenal of threat actors, IBM Research has developed an attack tool dubbed DeepLocker that is powered by artificial intelligence.
Read more about DeepLocker and learn how AI can be weaponized on ZDNet.
According to Ankur Laroia, Leader Solutions Strategy at Alfresco, Artificial Intelligence (AI) could provide an extra level of support in the fight against data breaches. AI could not only help in the identification and alerting of breaches, but even assist in the prediction and post-event analysis of data breaches.
Artificial Intelligence can provide solutions that seek to replicate and automate some human behaviors and functions. Within an enterprise security context this could involve the automation of time-intensive processing work, decision making and, potentially, facial and speech recognition. AI could also have a significant in data processing.
Read about the potential deployments and benefits of AI in enterprise IT security according to Ankur Laroia, on Information Security Buzz.
Machine learning is a form of AI that interprets massive amounts of data, applying algorithms to the material, and making predictions off its observations. Businesses typically use machine learning for locating and processing large data sets, but some organizations are implementing machine learning for more a narrow purpose: Cybersecurity.
While many assume machine learning makes cybersecurity professionals’ lives much easier, that’s not necessarily the case. Just like any new technology, machine learning still has its flaws—problems that turn the tech into more of a headache than a helping hand in the security space.
Read more about why machine learning may make things harder on cybersecurity pros, on TechRepublic.