Insights from Experts: Kaspersky’s Lehan van den Heever on cybersecurity and artificial intelligenceBy Ryan Noik 4 January 2021 | Categories: sponsored content
As the world moves into the next decade of the 21st century, two powerful technological forces are continuing to gain relevance – artificial intelligence and cybersecurity.
The two emerging technologies have something in common, in that each are expanding and maturing, bringing new challenges and new opportunities.
What they also have in common is that neither are simple, and organisations – from SMEs to large enterprises - often desire guidance as to how to leverage both AI and cybersecurity to protect their organisations and augment their productivity.
These two technologies, working in tandem, are becoming more relevant now, with security threats expanding from one month to the next. Indeed, a recent IT threat evolution report from Kaspersky revealed that malicious installers increased in 2020 by as much as 93 232 in a single quarter, up to 1 245 894.
900 million and counting
An even more staggering statistic is that almost 900 million (899 744 810) attacks launched were successfully blocked by the company in the second quarter of the year, while almost 290 million (286 229 445) unique URLs triggered Web Anti-Virus components.
Of particular concern to businesses is ransomware, where one’s data is held hostage for a fee. The same report found that ransomware attacks were defeated on the computers of 154 720 unique users in the same time period. It comes as no surprise that the sheer volume of cybersecurity threats is stretching the capacity of security teams to their limits.
Add in the fact that 2020 has made remote working the new normal, with most businesses now needing to accommodate teams working from home in both their IT and security matrix. Clearly AI infused, machine learning enabled help is necessary to combat the increasing instances of malware, phishing and ransomware attacks.
Cybersolutions vs cybercriminals
One company that is rising to the challenge is Kaspersky, which has been addressing cybersecurity challenges using machine learning long before it was popular to do so. Lehan van den Heever, the enterprise cybersecurity advisor at Kaspersky, explains that the company has been infusing its solutions with machine learning since 2008.
“That has given us more than five petabytes of historical data and threat intelligence. By training our machine learning on such a large database, the software becomes very good at identifying fresh malware that hasn’t been seen before,” he explains.
So how does machine learning pragmatically help fight against threats? Van den Heever elaborates that anti-malware solutions use machine learning to rapidly consider specific kinds of code and analyse whether it is behaving like legitimate code, or like malicious code, based on decades worth of historic data.
Furthermore, he continues, machine learning analyses the usage patterns of individuals and identifies abnormalities. For example, if a user tends to log in consistently from one place, but then suddenly changes to another location or another device, machine learning-powered systems see this change in behaviour and can block access to an organisation’s network.
Unfortunately, it is not only cybersecurity companies that have access to AI and machine learning technologies. Cybercriminals and ‘bad actors’ do as well. And they are using the technology to make their attacks more intelligent so as to avoid detection from traditional endpoint solutions.
For starters, cybercriminals are using AI to create more convincing phishing attacks that can pass through email filters, and content that appears to have been written by a human being but are intended to propagate misinformation.
“I have been seeing a lot of phishing emails that used machine learning to scrape people’s data. They are then so well-crafted that they are much more difficult to separate from the genuine article, to the point that the only way that you can really know for certain would be by ‘detonating’ the included link in a sandbox so that you can see what happens once you click on it,” he elaborated.
At a time when most businesses have employees working remotely, what would have otherwise been a personal security breach could affect an organisation as well.
Find your threat
A more direct threat to businesses is that cybercriminals are using machine learning to become more adept at evading protections. “For example, cybercriminals desiring to attack a particular business will go on LinkedIn and look at who works there in the security department and what certifications they have. For example, if they see he is a Kaspersky engineer and likely to be running Kaspersky solutions, then they are starting to train themselves on how to evade Kaspersky defenses,” he continues.
If you are thinking that this sounds a great deal like the old MAD Magazine Spy vs. Spy then you wouldn’t be far off. The good news is that the Cybersecurity industry is winning. As demonstrated by the aforementioned report, threats can be averted, and AI, along with machine learning, are potent tools in a cybersecurity company’s arsenal.
However, organisations need to be aware of and alert to the threats that they can potentially fall prey to, and what measures they can - and should – take to protect themselves.
To that end, in the video interview below, van den Heever outlines exactly what organisations should look for in a cybersecurity solution to ensure threat intelligence in their cybersecurity defenses, addresses the debate on whether AI will replace or enhance personnel, and a great deal more.
Some highlights with their timecodes that you can jump to if you desire:
How attackers are using AI too: 7.09
Why AI matters to SMEs: 10.07
Addressing the weakest link: 14.00
Machine learning and building cybersecurity skills: 16.25
AI and people power: 18.03
Practical tips for businesses: 20.43
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?