Employees at FedEx in the U.S., Telefónica in Spain and the National Health Service in the U.K. opened their work computers one day in May 2017 to find they no longer had access to thousands of crucial documents. A message appeared demanding payment in bitcoin to have them restored. The ransomware attack known as WannaCry afflicted more than 200,000 people in 150 countries, according to Europol, and was the largest of its kind in recent history. The threat of this sort of crippling data security breach has tech giants turning to artificial intelligence for solutions.
As online hackers increasingly use advanced technology for penetrative attacks, the companies that host our private information also are engaging the most advanced systems available in a bid to protect us. Microsoft, IBM and Cisco are among the many technology companies depending more than ever on machine learning and AI to defend their customers’ identities and data, around the clock and in real time.
Globally, nearly 2 billion data records were compromised in cyberattacks within the first six months of 2017, according to digital security provider Gemalto, and ransomware payments hit an astonishing $2 billion — twice as much as in 2016 — antivirus software firm Bitdefender found. Equifax, Yahoo and Uber are just a few of the major companies that have fallen victim to cybersecurity breaches in recent years. Individual victims can take years to recover.
But the tech companies deploying AI to secure online networks are finding it increasingly useful in reducing — if not eliminating — the risks. Microsoft, which began using AI for digital security in 2012, blocked more than 1 billion malware messages using AI cyberdefense in 2017. While ransomware increased more than 350 percent between 2016 and 2017, Microsoft’s Office 365 has reached a 99.9 percent accuracy rate in detecting these attacks. Today, most of Microsoft’s fellow tech giants — including Salesforce, Amazon, Google, Facebook and Netflix — are also using AI to defend against online attacks, as are others throughout the tech industry, says Steve Dispensa, partner director of information and threat protection at Microsoft.
Cisco’s Security Business Group employs machine learning to study traffic patterns and user behavior, and draws conclusions about normal and non-normal behavior. For example, if you forget your password nine times and suddenly remember it on the 10th try, it would raise an alarm. Using AI and machine learning, Cisco’s security-research team, Talos, has been able to reduce the time to detection (TTD) rate for cyberattacks. Cisco’s median TTD of 4.6 hours from November 2016 to October 2017 was well below the median of 39 hours in 2016. Though it doesn’t currently track year-over-year growth, Talos prevented 7.2 trillion attacks last year.
IBM — one of the world’s largest tech companies, with 380,000 employees — began training and implementing its supercomputer, Watson, for use in cybersecurity in 2016. Its behavioral biometrics technology uses machine learning to track mouse movements in real time and combines the information with learned behavior patterns and fraud patterns to distinguish real users from threat actors. IBM also employs Watson to read thousands of security blogs and articles published each year to stay on top of trends. Watson has been able to find threats 60 times faster than manual investigations, and decreases complex analysis time from one hour to less than one minute.
“There’s only so much a human can read and process,” says Caleb Barlow, vice president of threat intelligence at IBM Security. “But AI can make those correlations and provide all of the details associated with a particular threat actor, campaign or motivation for an attack.”
Read the source article at OZY.