Machine learning: The saviour of cybersecurity?

Today, machine learning has come of age as it seeks to create predictive models and algorithms and gives computers the ability to carry out tasks without being explicitly programmed. Examples of Machine Learning we use on a day-to-day basis are Google search engines, recommendations from Amazon, Netflix and YouTube, and even suggested friends on Facebook.

However, machine learning is also being called out as the saviour of cybersecurity, with companies incorporating it into their technologies to predict, prevent and defeat the next major cyber-attack.

With internet crime growing at the rate it is, we need all the tools in our armory to stand any chance of keeping pace.  According to the Australian Competition & Consumer Commission, security scams have cost Australians over $950 000 to date in 2017, with hacking scams hitting the hardest.

Automation and machine learning is helping us to remove some of the heavy lifting from time-consuming security-related tasks. For example, we can analyse the normal behaviour for privileged users, privileged accounts, privileged access to machines and authentication attempts, and then identify deviations from the normal profile. Machine learning algorithms that continually adjust the baseline means we can continually adapt to a changing risk environment.

Adopting more of this technology will stop us from becoming too overwhelmed by the rise in the number of attacks. But this isn’t just about solving a volume issue; machine learning also helps us to combine insights gathered from customer data and produce a more complete and immediate understanding of evolving threats.

Surely, then, it is the answer we have been looking for to beat cyber attackers? Unfortunately, it’s not that straightforward. Two can play at this game, and cyber criminals are also findings intelligent new ways to use machine learning to their advantage.

AI-driven cyberattacks are able to learn and get better as they evolve. For example, ransomware attacks – already a huge concern for consumers and businesses – are using machine learning to get smarter and more targeted about what information is held hostage and how much to charge for it. Phishing scams are also become far more convincing using AI to mimic the writing style of friends and colleagues.

Cybercrime is a lucrative business, and attackers are prepared to invest in tools and technologies which will result in a higher number of successful attacks. The more advanced and more targeted attacks which were typically reserved for nation-states and criminal syndicates are becoming available on a greater scale.

We are moving towards a game of machine versus machine, and for this technology to stand any chance of becoming the saviour of cybersecurity, we need to make sure AI applications learn to defend must faster than they learn to attack. Continual innovation and industry collaboration will be critical for this technology to identify anomalous behaviour, adapt to a changing risk environment, and get ahead of the cyber criminals.

Greater attention will also need to be paid to securing corporate IT infrastructures against attacks and developing comprehensive IT security strategies to strengthen defences against what is an evolving threat landscape.