How artificial intelligence is changing cyber security
Having contact with someone who has a cold increases the chances that you might pick up the bug yourself. In much the same way, businesses adding more connectivity into their system increases the opportunities for cybercriminals to introduce viruses into the system.
Even with the most effective preventative measures in place, cybercriminals try to get around them. It is unlikely that we will ever completely eradicate cyber threats because hackers are intelligent and tenacious, always searching for new ways to breach a company’s defences.
We all remember the WannaCry ransomware attack on the NHS in 2017 that led to the cancellation of over 20,000 appointments and thousands of operations. This attack, which crippled such a vital piece of infrastructure, has had British businesses on high alert ever since, fearing they could be next. To make matters worse, as hackers’ skills and technologies advance so does the threat they pose.
Currently, malware protection software relies on signatures to detect malicious code, but this only works on malware that it has already been exposed to. Due to the constant adaptation of hacking techniques, a method is needed that can detect malware that has not previously been seen – AI could be the solution.
How can AI help?
Only defences using the latest AI can keep pace with constantly evolving threat posed by cybercriminals. AI solutions are based on three fundamental principles; learning, reasoning and augmentation.
Firstly, AI learns by consuming billions of pieces of data from both structured and unstructured sources. Through machine learning and deep learning techniques, the AI improves its knowledge to understand cybersecurity threats and cyber risk.
Secondly, it gathers insights and uses reasoning to identify any relationships between threats, such as malicious files, suspicious IP addresses or insiders. This analysis takes minutes, or even seconds, allowing cybersecurity operatives to respond considerably faster.
Finally, AI eliminates time-consuming research tasks and provides in-depth curated analysis of risks, reducing the amount of time cybersecurity analysts take to make critical decisions and launch an appropriate response.
Who is most vulnerable?
Manufacturers are more susceptible to cyber-attacks because older attacks, such as Heartbleed and Shellshock, can still be used to target them, which means the number of threats has increased.
Serious vulnerabilities in the OpenSSL cryptographic software library allow cybercriminals to eavesdrop on messages and steal data directly from users. Because industrial computers are not regularly updated or replaced in the way consumer technology is, some still use the original OpenSSL software. A fixed version of the programme has since been released, allowing manufacturers to avoid this type of attack by simply updating their system.
In March 2019, aluminium manufacturer Norsk Hydro, based in Oslo, Norway, became the victim of a global cyberattack that has cost the company $52m. The attack was so severe that many of the company’s plants had to resort to using pen and paper. Some 35,000 staff in 170 plants around the world were left reeling when the cyberattack brought production to a halt.
Don’t be mistaken, there is no silver bullet when it comes to cyber security. AI will not prevent cyberattacks altogether, but it can considerably heighten the barrier that hackers must overcome and make the connected world of Industry 4.0 safer.