If the current battle against COVID-19 is a game, then cyberattack is sort of like a wicked debuff that basically ramps up the difficulty level. Many hospitals and COVID-19 vaccine research-related companies have fallen victim to cyberattacks during this critical time. Miltenyi, a biotech film that supplies SARS-CoV-2 antigens for COVID-19 treatment research, suffered a malware attack on its IT infrastructure. Dr. Reddy’s Laboratories, a COVID-19 manufacturer, shut down its plants across several countries including the United States due to cyberattacks. Universal Health Services, one of the largest US health systems, took three weeks to recover from a devastating ransomware attack. In the worst-case scenario, ransomware might cause death due to delayed treatment or re-routing for critical care to other facilities. This was what happened to a German hospital when a patient died while being diverted to another facility, following a ransomware attack.
As a result, many are rushing to enlist artificial intelligence (AI) technology into the fight and shore up their cybersecurity. Here are a few ways that cybersecurity can gain from AI technology.
Vulnerability management is a vital part of any cybersecurity strategy. It is a process that proactively identify, categorize, prioritize, mitigate, and resolve flaws in an IT system. In short, vulnerability management detects and gets rid of flaws before hackers exploit them to launch attacks. But managing and prioritizing vulnerabilities can be rather tedious. AI is a better alternative to traditional approaches such as vulnerability scanning. It can go further, for instance, as a cybersecurity prediction platform.
A startup, CYR3CON, uses peer-reviewed attacker-focused AI and data mined from hacker communities to predict and prioritize threats. By approaching cybersecurity from the view of the hacker’s world, it automates and scale up the vulnerability analysis process. With this unique AI-driven threat-prediction platform, companies no longer need to go through a long list of undifferentiated patch items. They can compare their known vulnerabilities with the analysis results and effectively plan their mitigation plan, getting ahead of threats.
Behavioral Analysis Ability
AI’s behavioral analysis ability enables it to identify cyberattacks via anomaly detection. It uses data analysis and machine learning to construct a baseline of normal behavior (endpoint, network, and user). The anomalies can be anything: abnormal uses of ports, unusual traffic in network, increased data movement, and more. AI will then detect these anomalies and alert security analysts to conduct further investigation.
This ability makes AI an ideal ally to combat phishing. Phishing is a common cyberattack to steal confidential user data (e.g., login credentials) via disguised emails, spam messages, or fake websites. Earlier in March, the hackers had set up a malicious site to mimic WHO’s internal email system. The unsuccessful attack was believed to have connection with intelligence gathering, such as passwords from multiple agency staffers. Since AI can learn the user behaviors (e.g., textual pattern), it can easily detect anomalies if hackers are impersonating the user. For hackers that create websites by imitating the behavior of legitimate websites, AI can tell their difference in no time.
Improves the authentication
AI and biometrics are the perfect duo to develop a dynamic secure authentication mechanism for account login and so on. Two of the common examples are facial recognition and keystroke dynamics. Facial recognition is sometimes unreliable, where hackers can trick it with a video/photo of the owner. Integration of AI helps to map the user’s face in three dimensions as it learns from pools of facial data. Besides, AI takes the range of environmental conditions into consideration, for example, the lightning. This is to prevent false-rejects due to subtle differences between the user and the image saved in database. With this ‘liveness detection’ capability, AI can work with biometrics to create more precise authentication models.
Keystroke dynamics or typing biometrics identifies users based on their typing pattern. But this technique has limited adoption as a method of authentication due to inadequate levels of accuracy. This is when AI comes to the rescue. With a sufficiently huge typing profile built for the user over time, AI-based keystroke dynamics has higher authentication accuracy. AI creates the typing profile by collecting data on typing speed, dwell time, and flight time. Dwell time is the duration of the user pressing a key. Meanwhile, flight time refers to the interval between releasing key and pressing new key.
Don’t over-rely on AI
It is beyond doubt that AI technology is changing the cybersecurity landscape. Nevertheless, things might go terribly wrong when you think you are fully protected just because you have AI. While we are using AI to enhance our cybersecurity, the hackers are also using AI to make their attacks more effective and less detectable.
More Information On: