A digital vaccine for cyberattacks
Necip Ozyucel, Cloud & Enterprise Group Lead, Microsoft Gulf, on why AI and blockchain will drive the future of cybersecurity
Human progress has always been a double-edged sword, never more so as it applies to the field of technology. As we have lurched from the telephone to the microprocessor to the Internet to the hyper-connected world we now live in, there have been those that have exploited the change for profit or amusement. The cybercriminal has become the smallpox of the digital era.
According to TrendMicro research, 2016 saw ransomware grow by 750% globally. Another study revealed that the average cost of data breach in 2017 was $3.6 Million, while the estimated cost of cybercrime to the global economy can go up to $8 Trillion by 2022.
UK-based insurance company Hiscox, in February 2017, claimed that cybercrime costs the global economy some $450 billion annually. For comparison, by World Bank estimates, this is more than the GDP of Austria or Norway… or the United Arab Emirates.
According to Hiscox, less than half of US, UK and German businesses were ready to deal with the malware onslaught that continues to swell and innovate. Here in the GCC, an October 2017 survey by Microsoft of 1,000 regional companies revealed that more than 80% of large enterprises still use only usernames and passwords for authentication, and more than half reported a 10%-or-higher proportion of received emails as some degree of junk. Further, some 41% admitted to having clicked on links within such emails that led to unwanted websites.
These unprepared organisations face a treacherous threat landscape that becomes uglier by the day. Last year, while ransomware’s average demand fell to $522, the number of attacks from digital imps such as Petya/Not Petya and WannaCry soared. And as the price of bitcoin rocketed, so-called cryptojacking – the practice of slaving a machine to crack cyptocurrency problems – emerged as another mushrooming trend, with one estimate suggesting a detection increase of 8,500%. Artificial Intelligence can help in identifying digital crimes. By using AI, we can detect anomalies from identity and access perspective to spams and ransomware threats. One very common scenario is detecting identity theft by using anomalies such as a user may log from different cities in very short time which is not possible to travel. Another one is detecting any anomalies over shared data inside and outside of organisations by using AI and information protection technologies.
Artificial Intelligence and machine learning are not only good for detecting anomalies based on user behaviour analytics, but also good for analysing infrastructure and applications such as blocking new and unknown malware, complying with security policies and avoiding old and unsupported applications.
So, what are we to do about this scourge? What shall serve as our Jenner’s vaccine? Well, we cannot ignore the need to plug an obvious cyber-security skills gap. And we should, of course, shore up corporate fundamentals through the proper training of staff and implementation of strict-but-flexible security policies. But we can also find a strong and able ally in artificial intelligence.
As attacks become recognised by security professionals as inevitable, those same specialists have turned to the digital world itself for the inoculant that can send the cyber-miscreant packing. Digital transformation has gathered pace as organisations across industries have realised that cloud providers must – and do – spend billions of dollars annually into AI-based cybersecurity. Therefore, rather than seeing the cloud as a lawless wasteland for their data and infrastructure, those organisations have recognised that the intelligent cloud is perhaps the best safe-haven available.
Technology companies and large-scale cloud providers have changed their cyber-security game. Instead of the old gambit of trying to keep pace with cyber-villains, they have came up with new and improved ways of analysing behaviour on a network, taking a holistic view of activity and processes. As those familiar with chess might say: “See the whole board.”
Today, technologies like blockchain can also help. Blockchain has served as a foundation for transactional transparency for virtual currency bitcoin. Its architecture consists of a distributed ledger, held by a community of willing participants. Since no one person or organisation is in possession of the entire transaction history – the creation of a bitcoin and its subsequent passing from hand to hand – no one can game the system.
Blockchain requires a shared consensus as to the nature of data, and that has hopeful implications for our cyber-vaccine search. By combining its architecture with AI solutions and even the Internet of Things, we can use the encryption capabilities distributed nature and audit trail of blockchain to put an end to the concept of entry points. At the very least, we can add a problematic array of complexities to the task of infiltration. Blockchain`s nature of keeping data distributed and can`t be changed is great for avoiding any fraud keep stakeholders in a blockchain consortium accountable by giving single view of truth open to all members.
We strongly believe technologies such as AI and blockchain can be cybersecurity game-changers, enabling security actors to detect, protect and respond faster and more meaningfully.
In short, AI can analyse huge amount of data that can`t be done by humans, detect anomalies to prevent any breach or fraud and automate tasks to bring immediate protection to incidents while blockchain can provide secure by design platform to build trust and drive accountability.
The forward-thinking CISO now looks to AI as the panacea for the disease-ridden landscape. After all, we talk about smart cities, we are glued to smart TVs and smart phones. Why shouldn’t we protect ourselves with smart cybersecurity?