Could AI/Machine Learning stop attacks like Petya, NOPetya, WannaCry?
WannaCry, Petya/NOPetya cyberattacks, cybercrime, ransomware cyberthreats, virus are some of the buzzwords that were at its peak till last week as shown on Google trends. While some experts are predicting this a role play for something “BIG” to come, the firms, government, institutions, organizations, hospitals are looking for measures to protect themselves against the next attack. Could they?
The famous quote by Callimachus is worth remembering here –
Set a thief to catch a thief!
There are ideally two ways to help your firm against these attacks. One was to gear up your resources and train them to be ethical hackers if you missed our last post on How Testers need to be ethical hackers do read it here. The next innovative way is to use technology against these attacks by using Artificial Intelligence and Machine Learning as surveillance tools and guard systems against any immoral activities. If you are keen to know how? Let’s dive in to find out–
How Could Artificial Intelligence and Machine Learning Stop Cyberthreats?
According to Gartner Research, the total market for all security will surpass $100B in 2019. As the world welcomes AI and ML with open hands, the technologies are sure to make an impact on cyber security. AI and ML are capable of predicting, preventing breaches at all level of software architecture making it just the perfect choice to detect anomalies.As per Cylance report – With efficacy rates at 99%, artificial intelligence and machine learning applied at the endpoint protects at levels never before seen.
AI- ML as a Surveillance Tool
It’s a tedious and mundane job for a human to scrutinize the logs and look for any suspicious activity, however with an AI-powered tool checking of logs and pointing to something random or susceptible would be an easy job. Just, for example, multiple logins across various devices from the same IP or someone with brute force is attempting to get into the system. These kinds of anomalies could be pointed out by an AI-powered system which then could be taken by a human to decide if it’s legitimate or illegitimate attempt.
As per Wired News – A system called AI2, developed at MIT’s Computer Science and Artificial Intelligence Laboratory, reviews data from tens of millions of log lines each day and pinpoints anything suspicious. A human takes it from there, checking for signs of a breach. The one-two punch identifies 86 percent of attacks while sparing analysts the tedium of chasing bogus leads.
Another Finnish Firm F-secure is combining the power of humans and machines in providing the best cyber security solutions to its clients. The most important factor in cyber security is time, as once the systems are breached the response needs to be immediate. For most the firms, it takes months to discover the breach itself, leave the response. Hence F-secure are offering solutions that could perform behavioral analytics using Machine learning and highlights the breach and anomalies in a real-time basis.
AI-ML - Predict, Analyse, and Act
An innovative way to predict cyber threats in modern times is via cyber security analytics. The analytics helps in getting insights about a “probable planned attack” before it happens. Once that data is gathered it’s time to act and prevent systems from Data Theft, Fraud or Data Deletion.
A firm LogRhythm with its solution offers Threat Lifecycle Management, Behaviour Analytics, Network, Endpoint, and Cybercrime detection, which is based on Artificial Intelligence and Machine Learning. In fact, Bill Taylor-Mountford, Vice President of LogRhythm, describes cybersecurity analytics as an “a smart machine that is always watching the data in your company. A machine that can filter out the white noise and look for the ones with unusual blips on the screen, the one browsing outside of their baseline.” Once the white noise is filtered out, it would be easy for Analysts to act and take preventive actions against cyber threats.
The combination of maths and science has the power to predict and stop threats like WannaCry, Petya, but does the firms trust their capabilities? Only time will tell, but cyber security solutions powered by AI and ML are indeed simple, scalable silent and efficient enough! It’s worth trying… Would you?
LIKE THIS POST SHARE IT WITH YOUR FRIENDS
Benefits of Automation Testing with CloudQA
Fast track your ecommerce monitoring
Top Five Reasons Why Testers Need to Be “Ethical Hackers” To Stop threats like WannaCry
Cyber threats and data security are one of the first concern of any firm. As an organization, what do you do to save yourselves from cyber threat? Firewalls? Anti-virus? Or Setting up processes and educating employees? Hiring a security firm to audit your processes and conduct penetration testing? What else could be done to prevent Black Hat Hackers?
Have you ever thought of asking your QA team to explore the vulnerabilities of your system in an ethical manner?
We @CloudQA give you top five reasons to do so –
When an in-house team is available to extend their roles, which would be more cost-effective than hiring a security agency to perform the same function.
Once the internal QA team is equipped with the checklist, the checks or penetration testing could be scheduled at regular intervals making it a continuous process, thereby enhancing the quality of the product.
Access Provided to in-house teams only
The data, servers, infrastructure would only be accessed by the in-house team making it leak-proof. In the case of any data theft or damage, the person could be tracked easily as who caused it.
In-house Testers/Hackers Means Long Commitments
Being in the same environment like yours, one would understand the criticality of a product. Hence he/she may devote much time and energy to discover the loopholes.
In-House Team means better Stability and Back-up
An organization backed up with a skilled team set is a solid foundation for stakeholders. Just imagine a technical breach, and with the in-house team, you could get it resolved faster then, looking for outside help.
Testers could explore new skills
While manual testers are going through the tough time saving their job, it’s time for them to add some new skill set to their profile. Test Automation is on top of the list amongst the skillset, how about adding ethical hacking? With Ethical hacking added onto your resume, who knows if you could trace down one of the biggest loopholes in a system.
Technologies like Artificial Intelligence, Blockchain, IoTs are knocking the doors of every firm, making it more complicated for a layman but much easier for a Black or Grey Hat hacker to get in. You can keep guards and surveillance to watch for, but do you know the big hole inside your house that could let thieves in? So, get your QA team ready and let them explore the house as Ethical Hackers performing penetration testing and stop the threats like WannaCry, RedOctober, Wiper,Shamoon.