AI And Robotics Can Fight Cyber Crime

As digital technology relentlessly disrupts and sculpts the global landscape it exposes organisations to opportunities and threats. All evolution comes with challenges and the dark world of cybercrime continues to thrive and is this year’s second most reported economic crime.

The recent NHS computer hack using Wanna Decryptor ransomware shut down IT systems with 75,000 attacks in 99 countries. The unprecedented ransomware breach froze computers across the health service with hackers threatening to delete files unless a ransom was paid. 

Recently the popular font sharing site DaFont.com was hacked, exposing 699,464 accounts in the breach. The passwords were scrambled with the MD5 algorithm, which nowadays is easy to crack. The hacker unscrambled over 98% of the passwords into plain text. 
 “I heard the database was getting traded around so I decided to dump it myself, like I always do”. He said it was “mainly just for the challenge and training my pen-test skills.” He exploited a union-based SQL injection vulnerability in the site’s software, a flaw he said was “easy to find.”

Cyber crime can be committed with minimal resources and from a remote location. The same systems that have made it easier for people to conduct e-commerce and online transactions are now being exploited. Detection of criminals is difficult and it’s a relatively low risk activity for high rewards. 

Last year, Ginni Rometty, IBM’s chairman, president and CEO, said “Cybercrime is the greatest threat to every company in the world.”

Cyber crime is defined as a crime in which a computer is the object of the crime or is used as a tool to commit an offence. Crimes that target computer networks or devices include viruses and denial-of-service (DoS) attacks. Crimes that use computer networks to advance other criminal activities include cyberstalking, phishing and fraud or identity theft. A primary concern is the impact of these attacks on businesses, the lifeblood of the economy. A recent survey showed that 43% of cyber-attacks target small businesses, 75% of which have no cyber insurance. In the wake of these attacks, these companies spent an average of $879,582 because of damage or theft of IT assets. In addition, disruption to normal operations costs an average of $955,429. The consequences can be severe and it has been reported that 60% of small companies go out of business within six months of a cyber-attack.

Cybercrime is sometimes mistakenly perceived as a victimless crime, however cyber criminals cause their victims emotional, physical and financial trauma. 

In the past year 60% of fraud transaction come from a mobile device. As mobile traffic is ever-increasing and overtakes web transactions, mobile fraud will rapidly grow, especially as banks and retailers serve their customers via mobile apps. 
Biometric authentication is starting to happen now and user experience is the motivation over cyber-security.
Fingerprint, voice, and eye-print, combined with risk-based transaction monitoring, will be the predominant technology combinations for authentication and fraud management in mobile devices.

It is predicted that the launch of 3D Secure 2.0, led by EMVCo will change the e-commerce ecosystem. The new system offers many enhancements to the 1.x password-based, “challenge all” approach. As the scope for in-person fraud diminishes, card-not-present (CNP) fraud is expected to soar to over $7 billion in the U.S. by 2020. 

Today, online money transfer and bill pay services account for approximately 1 in 5 e-commerce fraud transactions, followed by the hospitality and airline, electronics, jewelry, fashion, entertainment and gaming industries. Phishers will aim to increase the duration of a live attack through improved methods. It is also a strong possibility that clever phishing attacks will target cardholder information as breaches and skimming of POS terminals and ATM machines will be far less effective as more terminals are upgraded to support EMV cards.

The Potential of AI and Machine Learning

IBM’s Watson made its debut in 2011 as a winning contestant on the American quiz show Jeopardy! Originally, the cognitive computing system was designed to take large, unstructured datasets in the English language and pull answers to queries out of that data. Watson has evolved to work on large data sets looking for patterns, rather than the answer to a specific question. For-instance alongside the Baylor College of Medicine to help with the study of kinases, an enzyme that can sometimes indicate cancer. 

With large quantities of data the speed of using augmented intelligence is impressive. For example, while a doctor may read about 6 medical research papers in a month, Watson can read half a million in circa 15 seconds. From this, machine learning can suggest diagnoses and advice on a course of treatment. The Watson for Cybersecurity beta program now helps 40 organisations to use the computer’s cognitive power to help spot cyber-crime.

Currently, cybersecurity operations, generally, require a human to spend their time going through alerts of potentially malicious activity, a repetitive and time-consuming process. Teams process over 200,000 security events per day on average and over 20,000 hours per year can be wasted in the pursuit of false alarms. 

Cognitive computing is 30-40 percent faster than traditional rule-based systems and results in fewer false positives. Because it learns as it goes, it doesn’t repeat the same mistakes. The more it analyses, the more AI can understand malware and fraudulent activity patterns, which is something that will help cybersecurity professionals level in the fight against hackers.
Researchers from MIT have created a virtual AI analyst. The platform, AI Squared (AI2), is able to detect 85 percent of attacks, roughly three times better than current benchmarks, and also reduces the number of false positives by a factor of five, according to MIT.

AI2 was tested using 3.6 billion log lines generated by over 20 million users in a period of three months. The AI trawled through this information and used machine learning to cluster data together to find suspicious activity. Anything which flagged up as unusual was then presented to a human operator and feedback was issued. While there are a number of companies using machine learning to fight hacking and cyber-crime, there are those who are already looking to take the technology to the next level with the use of deep learning. One of those is Israeli firm Deep Instinct, which lays claim to being the first company to apply deep learning to cybersecurity.

Deep Instinct aims to detect previously unknown malicious threats, the sorts of attacks that might otherwise slip through the net.

It’s simple for malicious software developers to enable their creations to evade detection, as slight modification of the code can make it unrecognisable. However, that can be made much more difficult with the introduction of deep learning.
“We’re trying to make the detection rate as close as possible to 100 percent and make life as difficult as possible for creators of new lines of malware. Today, it’s very easy; they modify a few lines of malware code and manage to evade detection by most solutions. But we hope to make life very difficult for them with detection rates of 99.99 percent,” commented Dr Eli David, Deep Instinct’s CTO and artificial intelligence expert.

According to 700 security professionals surveyed by IBM the top benefits of using cognitive security solutions were improved intelligence (40%), speed (37%) and accuracy (36%). IBM say Watson performs 60 times faster than a human investigator and can reduce the time spent on complex analysis of an incident from hours to minuets. 

Machine learning and AI speed up the lengthy process of sorting through data. Quantum computing aims to be able to look even quicker. Canada based company, D-Wave recently sold its newest, most powerful machine to a cyber security company called Temporal Defense Systems to work on complex security problems.

The rules-based systems of yesterday are no longer effective against today’s sophisticated attacks. Any system that can improve accurate detection and boost incident response time is going to be in demand. We have clearly reached a point where the sheer volume of security data can no longer be processed by humans. Human-interactive machine learning systems analyse internal security intelligence, and marry it with external threat data to direct human analysts to the needles in the haystack. Humans then provide feedback to the system by tagging the most relevant threats. The system adapts its monitoring and analysis based on human inputs, enhancing the chances of finding real cyber threats and minimising false positives.

Global spending on cyber-security products and services are predicted to exceed £1 trillion over the next five years, from 2017 to 2021. By 2020, 60% of digital businesses will suffer a major service failure due to the inability of IT security teams to manage digital risk, according to Gartner. 

If we marry all this new Internet of Things (IoT) data with artificial intelligence (AI) and machine learning, there’s a chance to win the fight against cyber criminals.

ChipIn

You Might Also Read:

FBI’s Cybercrime Report 2017:

Cybercrime Cost The Global Economy $450Billion In 2016:

Ten Myths About Cybercrime:

 

« Cybersecurity: The Cold War Online
Do British Police Take Cyber Crime Seriously? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Critifence

Critifence

Critifence provides unique Cyber Security solutions designed for Critical Infrastructure, SCADA and Industrial Control Systems.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Cyber Covered

Cyber Covered

Cyber Covered provide complete website & data cover with market leading cyber insurance and powerful compliance software in one affordable package.

2Keys

2Keys

2Keys designs, deploys and operates Digital Identity Platforms and Cyber Security Platforms through Managed Service and Professional Service engagements.

Tech Nation

Tech Nation

Tech Nation is the UK’s first national scaleup programme for the cyber security sector, aimed at ambitious tech companies ready for growth, at home and abroad.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Orbus Software

Orbus Software

Orbus develops, markets and sells enterprise software which helps large, blue chip and government organisations across the globe to achieve digital transformation outcomes.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

Halcyon

Halcyon

Halcyon is the industry’s first dedicated, adaptive security platform focused specifically on stopping ransomware attacks.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

Silence Laboratories

Silence Laboratories

Silence Laboratories is a cybersecurity company that focuses on the fusion of cryptography, sensing, and design to support a seamless authentication experience.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.

UberEther

UberEther

UberEther are a dedicated group of software developers and consultants developing and deploying the next generation of identity management and cloud solutions.