AI And Robotics Can Fight Cyber Crime

As digital technology relentlessly disrupts and sculpts the global landscape it exposes organisations to opportunities and threats. All evolution comes with challenges and the dark world of cybercrime continues to thrive and is this year’s second most reported economic crime.

The recent NHS computer hack using Wanna Decryptor ransomware shut down IT systems with 75,000 attacks in 99 countries. The unprecedented ransomware breach froze computers across the health service with hackers threatening to delete files unless a ransom was paid.

Recently the popular font sharing site DaFont.com was hacked, exposing 699,464 accounts in the breach. The passwords were scrambled with the MD5 algorithm, which nowadays is easy to crack. The hacker unscrambled over 98% of the passwords into plain text.

“I heard the database was getting traded around so I decided to dump it myself, like I always do”. He said it was “mainly just for the challenge and training my pen-test skills.” He exploited a union-based SQL injection vulnerability in the site’s software, a flaw he said was “easy to find.”

Cyber crime can be committed with minimal resources and from a remote location. The same systems that have made it easier for people to conduct e-commerce and online transactions are now being exploited. Detection of criminals is difficult and it’s a relatively low risk activity for high rewards.

Last year, Ginni Rometty, IBM’s chairman, president and CEO, said “Cybercrime is the greatest threat to every company in the world.”

Cyber crime is defined as a crime in which a computer is the object of the crime or is used as a tool to commit an offence. Crimes that target computer networks or devices include viruses and denial-of-service (DoS) attacks. Crimes that use computer networks to advance other criminal activities include cyberstalking, phishing and fraud or identity theft. A primary concern is the impact of these attacks on businesses, the lifeblood of the economy. A recent survey showed that 43% of cyber-attacks target small businesses, 75% of which have no cyber insurance. In the wake of these attacks, these companies spent an average of $879,582 because of damage or theft of IT assets. In addition, disruption to normal operations costs an average of $955,429. The consequences can be severe and it has been reported that 60% of small companies go out of business within six months of a cyber-attack.

Cybercrime is sometimes mistakenly perceived as a victimless crime, however cyber criminals cause their victims emotional, physical and financial trauma.

In the past year 60% of fraud transaction come from a mobile device. As mobile traffic is ever-increasing and overtakes web transactions, mobile fraud will rapidly grow, especially as banks and retailers serve their customers via mobile apps.

Biometric authentication is starting to happen now and user experience is the motivation over cyber-security.

Fingerprint, voice, and eye-print, combined with risk-based transaction monitoring, will be the predominant technology combinations for authentication and fraud management in mobile devices.

It is predicted that the launch of 3D Secure 2.0, led by EMVCo will change the e-commerce ecosystem. The new system offers many enhancements to the 1.x password-based, “challenge all” approach. As the scope for in-person fraud diminishes, card-not-present (CNP) fraud is expected to soar to over $7 billion in the U.S. by 2020.

Today, online money transfer and bill pay services account for approximately 1 in 5 e-commerce fraud transactions, followed by the hospitality and airline, electronics, jewelry, fashion, entertainment and gaming industries. Phishers will aim to increase the duration of a live attack through improved methods. It is also a strong possibility that clever phishing attacks will target cardholder information as breaches and skimming of POS terminals and ATM machines will be far less effective as more terminals are upgraded to support EMV cards.

The Potential of AI and Machine Learning

IBM’s Watson made its debut in 2011 as a winning contestant on the American quiz show Jeopardy! Originally, the cognitive computing system was designed to take large, unstructured datasets in the English language and pull answers to queries out of that data. Watson has evolved to work on large data sets looking for patterns, rather than the answer to a specific question. For-instance alongside the Baylor College of Medicine to help with the study of kinases, an enzyme that can sometimes indicate cancer.

With large quantities of data the speed of using augmented intelligence is impressive. For example, while a doctor may read about 6 medical research papers in a month, Watson can read half a million in circa 15 seconds. From this, machine learning can suggest diagnoses and advice on a course of treatment. The Watson for Cybersecurity beta program now helps 40 organisations to use the computer’s cognitive power to help spot cyber-crime.

Currently, cybersecurity operations, generally, require a human to spend their time going through alerts of potentially malicious activity, a repetitive and time-consuming process. Teams process over 200,000 security events per day on average and over 20,000 hours per year can be wasted in the pursuit of false alarms.

Cognitive computing is 30-40 percent faster than traditional rule-based systems and results in fewer false positives. Because it learns as it goes, it doesn’t repeat the same mistakes. The more it analyses, the more AI can understand malware and fraudulent activity patterns, which is something that will help cybersecurity professionals level in the fight against hackers.

Researchers from MIT have created a virtual AI analyst. The platform, AI Squared (AI2), is able to detect 85 percent of attacks, roughly three times better than current benchmarks, and also reduces the number of false positives by a factor of five, according to MIT.

AI2 was tested using 3.6 billion log lines generated by over 20 million users in a period of three months. The AI trawled through this information and used machine learning to cluster data together to find suspicious activity. Anything which flagged up as unusual was then presented to a human operator and feedback was issued. While there are a number of companies using machine learning to fight hacking and cyber-crime, there are those who are already looking to take the technology to the next level with the use of deep learning. One of those is Israeli firm Deep Instinct, which lays claim to being the first company to apply deep learning to cybersecurity.

Deep Instinct aims to detect previously unknown malicious threats, the sorts of attacks that might otherwise slip through the net.

It’s simple for malicious software developers to enable their creations to evade detection, as slight modification of the code can make it unrecognisable. However, that can be made much more difficult with the introduction of deep learning.

“We’re trying to make the detection rate as close as possible to 100 percent and make life as difficult as possible for creators of new lines of malware. Today, it’s very easy; they modify a few lines of malware code and manage to evade detection by most solutions. But we hope to make life very difficult for them with detection rates of 99.99 percent,” commented Dr Eli David, Deep Instinct’s CTO and artificial intelligence expert.

According to 700 security professionals surveyed by IBM the top benefits of using cognitive security solutions were improved intelligence (40%), speed (37%) and accuracy (36%). IBM say Watson performs 60 times faster than a human investigator and can reduce the time spent on complex analysis of an incident from hours to minuets.

Machine learning and AI speed up the lengthy process of sorting through data. Quantum computing aims to be able to look even quicker. Canada based company, D-Wave recently sold its newest, most powerful machine to a cyber security company called Temporal Defense Systems to work on complex security problems.

The rules-based systems of yesterday are no longer effective against today’s sophisticated attacks. Any system that can improve accurate detection and boost incident response time is going to be in demand. We have clearly reached a point where the sheer volume of security data can no longer be processed by humans. Human-interactive machine learning systems analyse internal security intelligence, and marry it with external threat data to direct human analysts to the needles in the haystack. Humans then provide feedback to the system by tagging the most relevant threats. The system adapts its monitoring and analysis based on human inputs, enhancing the chances of finding real cyber threats and minimising false positives.

Global spending on cyber-security products and services are predicted to exceed £1 trillion over the next five years, from 2017 to 2021. By 2020, 60% of digital businesses will suffer a major service failure due to the inability of IT security teams to manage digital risk, according to Gartner.

If we marry all this new Internet of Things (IoT) data with artificial intelligence (AI) and machine learning, there’s a chance to win the fight against cyber criminals.

ChipIn:

You Might Also Read:

FBI’s Cybercrime Report 2017:

Cybercrime Cost The Global Economy $450Billion In 2016:

Ten Myths About Cybercrime: