Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

When machines do the hacking

Patrick Hubbard, Head Geek, SolarWinds | July 13, 2016
Cybersecurity threats will be humanly impossible to predict in future

When it comes to cybersecurity, there's only one thing worse than hackers: robot hackers. No, we're not talking about Skynet - at least, not yet. But for IT managers, the next wave of cybersecurity threats is likely to be automated, targeted, and almost humanly impossible to predict.

That's because of the technology phenomenon of machine learning, whereby a software platform analyses patterns in large volumes of data to find patterns in unfamiliar situations.

Machine learning is already proving disruptive in a range of fields, from voice recognition (think Alexa & Siri) to financial services advice and even biomedical practices like diagnostic imaging. If cybersecurity pros aren't careful, its most disruptive application could well be in cybercrime.

Beware the Bots

A typical sophisticated hack is tailored to bypass the target organisation's unique configuration of defences, focusing on known vulnerabilities in technical systems or user behaviour that the hacker has identified. Human attackers, however, suffer from the same cognitive biases as all other people, and inevitably overlook or opt against using vulnerabilities which they're not so comfortable at exploiting.

Moreover, even large teams of human hackers can only coordinate attacks against a few vulnerabilities at any given time, before being overwhelmed by the speed and attention required.

Machine learning attacks will do away with these human limitations. The more data they absorb about the vulnerability or the target - from undefended ports to enterprise org-charts to reliably cataloguing new zero-day vulnerabilities - the more capable they'll be of orchestrating a successful attack.

Unlike human hackers, machine learning isn't biased in using the data to develop incredibly novel attacks, combining multiple vectors and techniques in ways that even the most creative cybercriminals wouldn't think of doing.

If one permutation of attacks fails, machine learning's highly automated nature will mean that it can just cycle through more combinations at dizzying speed, with a randomness and persistence that will vex even the most diligent cybersecurity operators.

And if that's not worrying enough, most freely-available machine learning platforms are all hosted in the cloud - making them as elastically scalable as the very SaaS offerings their targets are using. Forget hiring more black-hat engineers: to ramp up the intensity of an assault, all a hacker needs to do is provision more cloud instances with a (stolen) credit card.

In other words, machine-learning hacks have far greater sophistication, scale, and ROI than traditional cyber attacks. We can assume that state-sponsored actors are already testing or even using machine learning in their arsenal - but if a nation-state is targeting your enterprise, there's not much that even the best-resourced cybersecurity team can do.

The more likely risk comes from commoditised machine-learning services - the sort that major cloud providers are now making openly available - being adapted by freelance cybercriminals. But fear not: in this war against the machines, resistance isn't futile.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.