AI increasingly used in cyberattacks: Microsoft

Saturday, Feb 22, 2020 07:56

Artificial Intelligence (AI) is being used for good but also as a tool by attackers, creating even more destructive malware, according to Microsoft's forecast about five key trends that will shape the cybersecurity industry this year.— Photo vnexpress

Artificial Intelligence (AI) is being used for good but also as a tool by attackers, creating even more destructive malware, according to Microsoft's forecast about five key trends that will shape the cybersecurity industry this year.

According to Microsoft, AI’s ability to harness the power of data has given incredible new capabilities and insights in the fight against cybercrime, including being able to identify patterns and anomalies faster and more thoroughly, which can speed up the deployment of countermeasures.

In addition, a higher number of new infections can be unleashed, which in turn can better hide from detection while they are wreaking havoc.

Another trend that Microsoft mentions is collaboration to protect supply chains.

The company said that “with more than 75 billion mobile devices [including IoT] anticipated to be in use globally in 2020, gaps like outdated software, unsecured devices and default administrator accounts can provide a wide range of vectors for attackers to enter systems.”

By 2022, more than half of enterprise data will be created and processed at the edge, outside of the data centre or cloud. To counteract this, vendors will need to band together to protect their customers and supply chains.

Integrated solutions can also provide additional protection. For example, the Microsoft Identity platform adds multifactor authentication for 1.4 million unique apps, many of which, like ServiceNow, GoogleApps and Salesforce, are used by enterprises daily.

“Over time, we expect to see even more widespread and formal industry collaboration and technology vendors put customers first and embrace the complexity of modern supply chains,” it said.

The other trend is the importance of securing the public cloud.

Until all companies implement security best practices, even well-trodden attacks like phishing will still be effective. This is especially true as IT departments increase their focus on mobility, personal productivity and frictionless BYOD offerings to increase employee flexibility.

Another trend will be the fall of passwords and the rise of zero trust.

In 2019, more than 4 billion records were exposed due to data breaches. Poorly secured identities and passwords are still the weakest link, especially in the face of AI-based malware. In fact, 63 per cent of all confirmed data breaches involved weak, default or stolen passwords.

A key weapon for fighting back is implementing a Zero Trust system. Like the name implies, Zero Trust systems do not automatically trust anything from within the perimeter, so even if bad actors do manage to get through corporate firewalls, they would still need additional authentication factors to reach each different or sensitive part of the network.

The system is incredibly powerful: Multifactor authentication for businesses can actually help reduce the risk of identity compromise by more than 99.9 per cent. By using biometrics and identity-based certificates, organisations can increase safety and streamline the user experience, while industry partners can help scale while still ensuring personal privacy.

Last but not least are nation states, which can act as disruptors. All over the globe, "we have seen a new danger arise over the past few years: The rise of nation states as online actors, antagonists and combatants. Almost no one globally has been immune to their effect, especially in terms of the worldwide electoral, political and social changes that have accompanied this recent development," Microsoft said.

While social platforms and manipulation are still primary areas of concern here, more traditional attacks like phishing are still being used as well. — VNS

Comments (0)

Statistic