itb-au logo
Story image

Bringing a gun to a gunfight: Countering AI-enabled threats

14 Aug 2018
Kai Ping Lew
Share:

As artificial intelligence gains traction, organisations are beginning to find enterprise use cases for the technology.

At the same time, cybercriminals are also finding ways to weaponise the technology to execute more sophisticated attacks at a higher volume.

A report by the Electronic Frontier Foundation found that there are several characteristics of AI that lend themselves well to being utilised in cyberattacks: namely its scalability, the ability for its algorithms to be rapidly distributed, and its ability to exceed human capabilities.

Using AI to amplify cyber threats

AI-enabled cyberattacks can expand existing threats, introduce new threats, and alter the typical character of threats, allowing attacks to be more versatile, effective, and targeted.

As an example, AI could influence email attacks such as spear phishing to become more automated – and it could even eliminate the need for the attacker to speak the same language as the target.

It could also target malware’s behaviour that it becomes impossible for humans to control in a manual way.

In response, security experts have turned to the same technology that makes them so effective to combat these threats.

Artificial intelligence can reduce human effort and lower the time needed to detect, respond to, and recover from cybersecurity incidents.

One organisation focusing on this area is LogRhythm’s with its AI-enabled security operations centre CloudAI.

The integration of artificial intelligence with it security operations centre was aimed at realising the following outcomes:

  • Discerning patterns of known threats, on a global, geographic, vertical, and company basis and detecting in real time every observed instance going forward.
  • Discerning with security and risk relevancy the behavioural shifts across the IT environment that predict and detect with accuracy an active or emerging threat.
  • Enabling organisations to perform effective threat hunting – augmenting what is today an art few can effectively perform or afford.
  • Eliminating false negatives with a very low false positive frequency, and present alarms with real time risk context in support of detecting and neutralising threats early in the kill chain.

AI in security applications

User and entity behaviour analytics (UEBA) is a perfect application for machine learning as long as the necessary security context is available for understanding the significance of each anomaly.

Gartner defines UEBA as profiling and anomaly detection based on a range of analytics approaches, usually using a combination of basic analytics methods.

Machine learning can make UEBA considerably more effective for the following reasons:

• Machine learning can handle the volumes of data to be analysed and the environment to be understood. This includes being able to incorporate many types of data sets, from network traffic patterns and application data to records of user authentication attempts and user access to sensitive data.

• Machine learning-driven UEBA is well suited for identifying “qualified” threats—those that are legitimate and require action. Machine learning can take many more factors into consideration than humans can when looking at potential threats, and it can do so in near real time.

UEBA is only one example of the possible applications of artificial intelligence in cybersecurity.

The same characteristics that make it an efficient tool for executing cyber attacks – scalability, versatility, and efficiency at processing large amounts of data in a short time – also make it effective for threat detection, threat response, and against insider threats. 

See how you can detect and stop an insider threat with LogRhythm CloudAI with UEBA.

Related stories:
AIOps and the evolution of IT infrastructure monitoring
Keysight buys AI testing specialist Eggplant for $300m
Smarter, faster AI and X analytics: Gartner unveils top 10 AI trends for 2020
Intel announces portfolio update for AI-focused solutions
Humans VS machines: Focus must be on people - report
SAS and Microsoft form strategic partnership
Dig deeper:
Story image
Wrike rolls out user experience features and brand refresh focused on digital work
To empower organisations move forward in digital transformation strategies, the Reimagined Wrike launch offers two fundamental changes: user experience and updated brand identity.More
Story image
Cohesity named top vendor in unstructured data management.
GigaOm cited Cohesity's end-to-end solution designed to tackle data and app challenges in modern enterprises. More
Link image
Modern data centres need ultra-modern hardware
Huge storage capacity, iron-clad security capabilities, lightning-fast connectivity. Here's how Secure Provenance achieves all that and more.More
Story image
Five tips to get security-ready for the future of remote work
Here are five suggestions to shore up your cybersecurity defences in our new remote work age.More
Story image
AWS launches Outposts in New Zealand & APAC
“We are pleased to bring this service to our customers and partners in New Zealand to help them benefit from the accelerated pace of innovation in the cloud, and support low latency and local data processing requirements."More
Story image
Colt extends SD-WAN offering for customers moving to cloud
“By using Colt’s SD WAN multi-cloud offering, enterprises can now benefit from better performance, security, scalability and efficiency by accessing all their cloud services through a streamlined infrastructure."More
Story image
Wrike rolls out user experience features and brand refresh focused on digital work
To empower organisations move forward in digital transformation strategies, the Reimagined Wrike launch offers two fundamental changes: user experience and updated brand identity.More
Story image
Cohesity named top vendor in unstructured data management.
GigaOm cited Cohesity's end-to-end solution designed to tackle data and app challenges in modern enterprises. More
Link image
Modern data centres need ultra-modern hardware
Huge storage capacity, iron-clad security capabilities, lightning-fast connectivity. Here's how Secure Provenance achieves all that and more.More
Story image
Five tips to get security-ready for the future of remote work
Here are five suggestions to shore up your cybersecurity defences in our new remote work age.More
Story image
AWS launches Outposts in New Zealand & APAC
“We are pleased to bring this service to our customers and partners in New Zealand to help them benefit from the accelerated pace of innovation in the cloud, and support low latency and local data processing requirements."More
Story image
Colt extends SD-WAN offering for customers moving to cloud
“By using Colt’s SD WAN multi-cloud offering, enterprises can now benefit from better performance, security, scalability and efficiency by accessing all their cloud services through a streamlined infrastructure."More
Story image
Australian supercomputer Gadi ranks 25 in Global 500
“Gadi represents a milestone for Australian research. We are pleased to continue our long-standing relationship with Fujitsu and its network to offer Australian researchers world-class computing resources to take us into the next decade.”More
Story image
Nutanix announces new remote IT solutions
Released in response to demand for remote-friendly IT infrastructure tools, the solutions are aimed at teams wishing to deploy and troubleshoot their cloud infrastructure within from anywhere.More
Link image
Robotic Process Automation: The key to IT efficiency in 2020
It can boost productivity and efficiency by up to 80% and drastically alter enterprises' bottom lines as a result. Find out how to use it to your advantage.More
Link image
OSS Group helps Kiwis automate to unify people & IT
The reality is, if it exists in IT there is usually a way to automate it, says OSS Group.More
Link image
Revealed: Why CX and automation are the perfect mix
Decrease project costs, increase billable hours, streamline tedious processes - NetSuite's ERP can do all this and more.More
Story image
Yellowbrick Data announces availability of cloud disaster recovery service
Yellowbrick says the solutions will fill a major gap.More
Story image
The need for speed: What if tech could work as fast as your imagination?
Einstein famously said, ‘Imagination is more important than knowledge’. And businesses sure must be imaginative right now, which leads to the question: what if technology could work as fast as the imagination?More
Story image
AIOps and the evolution of IT infrastructure monitoring
As companies adapt to ongoing digital transformation, they will soon realise that they need more than just a dedicated IT team to view and manage the company’s IT infrastructure. That’s where AIOps comes in.More
Link image
Phishing campaigns show no sign of slowing down
Even though the 'phishing explosion' in March and April has passed, businesses and individuals are still at serious risk. The game has changed - make sure you're up to date and protected.More
Link image
Zendesk Showcase: A CX event for these topsy-turvy times
The world is in uncharted territory – there is no blueprint for doing business right now. Each day brings new challenges. Join business leaders to share your thoughts and learn how to thrive in the face of adversity.More
Story image
HP Inc pledges to eliminate 75% of single-use plastic by 2025
This transition from plastic to molded fibre has already eliminated 933 tonnes of hard-to-recycle expanded plastic foam last year, according to HP.More
Download image
Ultimate security: The best authentication just got better
Cloud applications can hold sensitive data, and top-notch authentication is key. But having separate tools for separate applications can be cumbersome - here's how to overcome that.More
Story image
Start ups revenue drops by 40% or more amid COVID-19 crisis
"Sadly, the fact is that to survive, new companies will have to cut expenses, which means that layoffs are inevitable."More
Link image
Don't be fooled: Cyber risks haven't slowed down
Cyber attackers become smarter and more efficient every day. Here's why it's more important than ever to invest in remote security tools.More
Story image
Unstructured data: Making sense of the mass and the mess
A modern data experience requires infrastructure that can bridge silos and meet demands for performance, agility and simplicity, without complexity or compromise. This calls for a data hub approach. More
Story image
Value of quantum computing uncertain for at least 10 years - research
"Quantum computing is not currently providing business value that could not be achieved with today's existing computers, and it is not clear when it will."More
Download image
The humble email is still the biggest security risk - report
Email’s popularity is a double-edged sword – not only is it the tool that we all use to communicate in business, it continues to be the most common way that cyberthreats pierce a business.More
Story image
Former Salesforce, Microsoft security exec to lead Zoom security team
Zoom has announced the appointment of former Microsoft and Salesforce executive Jason Lee as its new chief information security officer. More
Story image
CareAR integrates AR support solution with ServiceNow
CareAR is an augmented reality visual support platform that helps enterprises add AR capabilities to their service experience.More
Story image
Cambium Networks rolls out Wi-Fi 6 & fixed wireless solutions
The company aims to bridge the gap between fixed wireless and Wi-Fi technologies through its new product lines that provide an alternative to last-mile wired networks.More
Story image
Workday expands HR offerings for workforce optimisation
Workday has this week released several new HR offerings designed to assist organisations with optimising their workforces in the post COVID-19 environment.More
Automation: The key to business excellence across the board
In 2020, businesses that don't invest in automation face serious risk of falling behind. If it exists in IT, there's a way to automate it - find out how with a free consultation.More
Business climate stabilising for tech companies following COVID crisis - report
The survey shows technology companies are continuing to see customer interest in cybersecurity, cloud computing and other areas.More
Businesses are seeing efficiency increase by 80% with RPA
Robotic Process Automation is becoming a must-have for organisations looking to bolster productivity in 2020. Here's the full story on how the industry is benefitting from RPA.More
Scale-out multi-protocol storage & data management with Hedvig
The advantages of data growth are clear if they are harnessed properly: Agility, scalability, and lower costs are but a few of those advantages. Find out how you can make these a reality with Hedvig.Register Here
Micro Focus launches solutions designed to aid modernisation
“Through new insight-driven tools, application program interface (API) development capabilities and robust deployment options, these Micro Focus solutions give developers new ways to work with complex COBOL and mainframe systems while delivering on a cloud strategy.”More
A great ERP tool achieves a lot for your customers & financials
NetSuite’s cloud native SRP is not a project management tool that talks to your finance system. It's end-to-end project management capability for service professionals, integrated with NetSuite's full ERP solution. More
BMD chooses Rubrik to make transition to digital data backup
“BMD is a perfect example of a company that has regained control of its data, at a time when its technology resources are needed more than ever. This will empower the company to focus on its core business."More
Training is essential to build cybersecurity awareness
More than ever, businesses need to ensure that all their workers have the right skills and training to protect the business from cybercrime.  More
NCC Group chosen to help improve IoT security standards for all sectors
“At NCC Group, security is in our DNA and that's why we're excited to work with the ioXt Alliance in raising security standards within the IoT ecosystem."More
Gartner: Strong revenue growth forecast for container management software and services
This is the first time Gartner has published a forecast for container management, in response to the increasing importance of the underlying technology.More
HPE rolls out AI-based sensor tech to help firms return to work
HPE has developed a new range of technology-based return-to-work solutions designed to control the spread of infectious viruses such as COVID-19.More
IDC names top Digital Workplace Services vendors
A new MarketScape report from IDC names the Leaders and Major Players in the market that is seeing forced growth in the time of COVID-19.More
Video: 10 Minute IT Jams – Who is ThousandEyes?
ThousandEyes is a network intelligence company headquartered in the United States, and operates worldwide. Cisco recently announced plans to acquire ThousandEyes.More
Remote workforces drive new risk management strategies
remote and onsite workers have access to multiple collaboration tools, leading to fresh risk management strategies in the post COVID world.More
Cloud-scale connectivity with consistent security
Organisations should look towards SD-WAN solutions that support multiple administrative domains for isolating and separating lifecycle management, as well as the operations, or each business unit’s SD-WAN. More
Looking beyond the data centre to new enteprise architectures
Enterprises can create a low-latency architecture with private connections that bypass the internet entirely. The end result? Better reliability.More
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More
1.75 billion mobile users to adopt mobile POS payments by 2024
The dropping price of Point of Sale terminal devices will spur adoption globally.More
More stories