Australia
Story image

Bringing a gun to a gunfight: Countering AI-enabled threats

14 Aug 2018
Kai Ping Lew
Share:
LinkedIn
Twitter
Facebook

As artificial intelligence gains traction, organisations are beginning to find enterprise use cases for the technology.

At the same time, cybercriminals are also finding ways to weaponise the technology to execute more sophisticated attacks at a higher volume.

A report by the Electronic Frontier Foundation found that there are several characteristics of AI that lend themselves well to being utilised in cyberattacks: namely its scalability, the ability for its algorithms to be rapidly distributed, and its ability to exceed human capabilities.

Using AI to amplify cyber threats

AI-enabled cyberattacks can expand existing threats, introduce new threats, and alter the typical character of threats, allowing attacks to be more versatile, effective, and targeted.

As an example, AI could influence email attacks such as spear phishing to become more automated – and it could even eliminate the need for the attacker to speak the same language as the target.

It could also target malware’s behaviour that it becomes impossible for humans to control in a manual way.

In response, security experts have turned to the same technology that makes them so effective to combat these threats.

Artificial intelligence can reduce human effort and lower the time needed to detect, respond to, and recover from cybersecurity incidents.

One organisation focusing on this area is LogRhythm’s with its AI-enabled security operations centre CloudAI.

The integration of artificial intelligence with it security operations centre was aimed at realising the following outcomes:

  • Discerning patterns of known threats, on a global, geographic, vertical, and company basis and detecting in real time every observed instance going forward.
  • Discerning with security and risk relevancy the behavioural shifts across the IT environment that predict and detect with accuracy an active or emerging threat.
  • Enabling organisations to perform effective threat hunting – augmenting what is today an art few can effectively perform or afford.
  • Eliminating false negatives with a very low false positive frequency, and present alarms with real time risk context in support of detecting and neutralising threats early in the kill chain.

AI in security applications

User and entity behaviour analytics (UEBA) is a perfect application for machine learning as long as the necessary security context is available for understanding the significance of each anomaly.

Gartner defines UEBA as profiling and anomaly detection based on a range of analytics approaches, usually using a combination of basic analytics methods.

Machine learning can make UEBA considerably more effective for the following reasons:

• Machine learning can handle the volumes of data to be analysed and the environment to be understood. This includes being able to incorporate many types of data sets, from network traffic patterns and application data to records of user authentication attempts and user access to sensitive data.

• Machine learning-driven UEBA is well suited for identifying “qualified” threats—those that are legitimate and require action. Machine learning can take many more factors into consideration than humans can when looking at potential threats, and it can do so in near real time.

UEBA is only one example of the possible applications of artificial intelligence in cybersecurity.

The same characteristics that make it an efficient tool for executing cyber attacks – scalability, versatility, and efficiency at processing large amounts of data in a short time – also make it effective for threat detection, threat response, and against insider threats. 

See how you can detect and stop an insider threat with LogRhythm CloudAI with UEBA.

Related stories:
Businesses feel they need AI to respond to cyber-threats - Capgemini
AI projects set to double, with CX the key driver behind growth
NVIDIA expands DGX-Ready Data Center program globally
OutSystems launches new AI capabilities
Caution needed in AI implementation for A/NZ businesses
Rapid increase in AI to detect fraud
Dig deeper:
Story image
12 Jul
Kyckr signs agreement to expand into new platform
The agreement with Demyst will allow the Kyckr API to be accessible by existing and future Demyst API customers.More
Story image
17 Jul
WA’s John XXIII College chooses Veeam for backup and DR
On top of learning tools, administrative support, payroll, finance and alumni services are some of the services that also must be constant and stable.More
Story image
15 Jul
NVIDIA expands DGX-Ready Data Center program globally
The program is designed to aid companies in finding modern data center facilities for their artificial intelligence-based infrastructure.More
Download image
Whitepaper: Using syslog-ng to beat artificial ignorance
During the log analysis administrators read only interesting messages, like ‘Violation’ and ‘Unknown’ messages.More
Story image
19 Jul
Looking to land your dream job? Build your soft skills, says Hays
According to Hays latest Salary Guide, soft skills could be the differentiator between a successful or failed job search.More
Download image
Leveraging Elasticsearch and syslog-ng to maximise log management
Syslog-ng is a single, high-performance log collector for device, system, and application logs, greatly simplifying logging architecture.More
Story image
Kyckr signs agreement to expand into new platform
The agreement with Demyst will allow the Kyckr API to be accessible by existing and future Demyst API customers.More
Story image
WA’s John XXIII College chooses Veeam for backup and DR
On top of learning tools, administrative support, payroll, finance and alumni services are some of the services that also must be constant and stable.More
Story image
NVIDIA expands DGX-Ready Data Center program globally
The program is designed to aid companies in finding modern data center facilities for their artificial intelligence-based infrastructure.More
Download image
Whitepaper: Using syslog-ng to beat artificial ignorance
During the log analysis administrators read only interesting messages, like ‘Violation’ and ‘Unknown’ messages.More
Story image
Looking to land your dream job? Build your soft skills, says Hays
According to Hays latest Salary Guide, soft skills could be the differentiator between a successful or failed job search.More
Download image
Leveraging Elasticsearch and syslog-ng to maximise log management
Syslog-ng is a single, high-performance log collector for device, system, and application logs, greatly simplifying logging architecture.More
Story image
Sydney & Melbourne amongst world's top places for women entrepreneurs
"Every day I meet inspiring women in Australia and New Zealand, so it is heartening to see Sydney and Melbourne rank in the top 15 cities globally in our WE Cities Index report."More
Story image
Federal Government inks cloud deal with Microsoft
The deal accelerates transformation opportunity, invests in public sector skills, drives inclusion and leverages local investment.More
Story image
Google buys enterprise cloud file storage firm Elastifile
The acquisition will bring Elastifile’s cloud file storage for enterprises into Google Cloud Filestore.More
Story image
Huawei: Aus should follow UK’s “more intelligent” approach to 5G tech
Huawei Australia has released a statement pointing out a UK cross-party committee’s findings that there is no need to ban Huawei’s 5G technologies.More
Story image
WatchGuard firewall takes top spot in NSS Labs tests
WatchGuard Technologies’ firewall product has achieved commendations from NSS Labs for the third year in a row.More
Story image
10 ways to benefit from the emerging ‘data nation’ - Snowflake
Data is opening up new opportunities for revenue generation that can significantly boost the corporate bottom line.More
Story image
QNAP launches beta of new version of NAS OS
QTS 4.4.1 beta 3 includes VJBOD Cloud for integrated cloud object storage and CacheMount for low-latency cloud data access.More
Story image
Case study: Kemp load balancers resolve issues for Now IT
Now IT faced a problem when its load balancer was unable to share information with AWS’ relational database, or access Microsoft Exchange.More
Story image
VMware to acquire Bitfusion
Bitfusion is a pioneer in virtualisation of accelerated compute with a strong focus on GPU technology.More
Link image
ESET named champions in the Canalys Cybersecurity Matrix
The report states that ESET has local presence in every part of the world and works closely with channel partners.More
Story image
Lonely Planet partners with Acquia to enhance the travel experience
“Lonely Planet recognises the value of putting the right technology in place."More
Story image
Mistrust amongst organisations when it comes to data, survey finds
"The different levels of confidence displayed by people at a management level and operational data workers are not surprising, but it is definitely worrying." More
Download image
Overcoming security gaps with people, process, and technology
One of the largest inhibitors to cloud adoption is concern around the security of leveraging a service provider in a multi-cloud world.More
Story image
Valuing your shift into Agile – Certus3
As Agile has taken on a more organisation-wide focus, it has also become more closely aligned with the overall objectives of the organisation.More
Story image
IT & OT convergence brings new cyber risks to industrial sector
IT and operational technology (OT) are on a journey to convergence, but that convergence must be managed with caution in order to manage cybersecurity risks that go with it. More
Story image
AI projects set to double, with CX the key driver behind growth
“The rising number of AI projects means that organisations may need to reorganise internally to make sure that AI projects are properly staffed and funded."More
Story image
TIBCO secures top spot in Gartner Magic Quadrant
Master data management is not just an organisation's second thought - it's now indispensable.More
Story image
Thycotic introduces certification programme to A/NZ
The programme enables cybersecurity service companies to provide technical support and professional services using Thycotic PAM solutions. More
Story image
The future of cybercrime in Australia – ESET
Cyber-attacks will continue so long as the target seems worthwhile and the attackers have funding to continue their work. More
Story image
Blue Prism acquires Thoughtonomy, develops new SaaS offering
Blue Prism has closed its acquisition of Thoughtonomy. The company says the acquisition will enable it to build on its intelligent automation and cloud delivery capabilities.More
Story image
Attunity wins Microsoft award for cloud-data estate modernisation
The award is the latest example of Attunity momentum, including largest deals ever driving double-digit sales and revenue growth in Q2.More
Whitepaper: Why accurate log processing is key to effective SIEM
SIEMs form the core of many enterprises’ IT security strategies, but they can be expensive to deploy and maintain.More
Druva acquires hybrid cloud data protection firm
The acquisition will enable Druva to provide customers the ability to keep data readily available on-site through SaaS-based business continuity, short recovery windows, and greater workload mobility.More
Trend Micro adds Deep Security as a Service to Azure Marketplace
Trend Micro Deep Security delivers a multi-layered automated approach to protect hybrid cloud workloads and container environments.More
Microsoft empowers Melbourne Business School to 'move and improve'
Melbourne Business School is harnessing the power of Microsoft’s three clouds to transform its business into a cloud first enterprise.More
AirPass and 18Communications team up to target Chinese tourism in Aus
To caplitalise on the tourist trade and to make the tourists’ experience as enjoyable as possible, AirPass has partnered with 18Communications to assist local businesses targeting Chinese shoppers.More
How to collect, filter, and normalise logs in complex environments
To derive actionable, valuable business information from raw log data, it is necessary to collect, filter, and normalise messages from various sources.More
Tesla's suit against ex-employee a strong case for IP security
“There was no need for this employee to be using their own iCloud for data storage even if the original intent was non-malicious."More
92% of businesses experience identity challenges - LastPass
Data from the report reveals IT professionals overwhelmingly (82%) agree that poor identity practices have exposed their business to risks.More
OpenText and Mastercard partner dominate financial processes market
“We are excited OpenText is partnering with Mastercard to integrate our digital platforms together to allow companies to quickly identify and vet business relationships and make the end-to-end payments process even simpler.”More
Syslog-ng use cases and scenarios for Splunk
Using syslog-ng can improve the reliability log data collection from network devices.More
Why data is the key to Finance/HR collaboration
Looking at a key part of the digital transformation puzzle for large organisations.More
Western Digital updates flash data centre systems portfolio
IntelliFlash family additions and OS 3.10 enhancements deliver industry’s highest performing NVMe all-flash arrays.More
Micro Focus launches new robotic process automation product
Designed for the enterprise, the scalable and resilient solution is first to deliver UI and API-based RPA.More
Barracuda improves Azure connectivity for Office 365 security
New functionality enforces Office 365 local breakout policies in Microsoft Azure Virtual WAN to optimise Office 365 UX while increasing security.More
Whitepaper: An all-in-one guide on cloud migration planning
Technology-driven business disruption is a very real phenomenon.More
Whitepaper: Using logs to drive compliance
Log messages are filled with personal information that require proper security in order to comply with the Privacy Amendment Act 2017.More
Check Point releases report on public cloud security challenges
Unauthorised access, insecure interfaces, misconfigurations and account hijacking named as the biggest vulnerabilities in the public cloud.More
Why holding back from cloud adoption is holding your business up
The study surveys more than 950 IT decision-makers and IT pros from across the globe to better understand the barriers to increasing cloud usage.More
More stories