A Game of Data
Mahdi, who also runs a cyber security YouTube channel (Mahdi on Security) began our chat by narrating that we have always gone to war over resources. As our desire to reign supreme over land, sea and air grew so did the development of armies, navies and the air force. He then continued to illustrate that presently everything is (or is getting more and more) connected to the internet. Direct connection via laptops or even IoT (Internet of Things) devices transmit huge quantities of data via the information highway. When things are operated by data and controlled by automated systems the question of security comes into play. Several organizations, from technology companies to social media websites, have been working to stop cyber-attacks. As such AI technologies are being incorporated to respond to increased threats.
A PEEK INTO CYBER SECURITY
To understand how to handle hackers, one must understand cyber security first. According to Kaspersky “Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It’s also known as information technology security or electronic information security.” Basically if a system has vulnerabilities cyber security would be the science of securing those systems from a breach.
THE SECURITY TRIFECTA OF CYBERSPACE
There are 3 security goals of cyber security and it deals with the triad of Confidentiality, Integrity, and Availability.
- Confidentiality means to protect the confidentiality of data. Breaches happen in this aspect when the sensitive data of one person or entity goes to a third party.
- Integrity: infers the preservation of the integrity of data. This means that after the breach the data is being polluted ruining its original authenticity.
- Availability: points to the availability of data for authorized use. When an attack happens resulting in the service to go down i.e. there is a denial of service (DOS) to access the data we understand that the availability has been breached.
THE MANY THREATS OF THE CYBER WORLD
The term cyber security can be applied to a variety of contexts, from governments to enterprise, and can be divided into a few common classifications.
Network security focuses on securing computer networks from intruders ranging from targeted attackers to opportunistic malware.
Application security deals with preserving software and devices free of threats. A compromised application could provide access to the
data it was programmed to protect.
Information security protects the integrity and privacy of data. It can be in storage or in transit.
Operational security encompasses the processes and decisions for managing and protecting data assets. The user permissions for accessing a network and the procedures that determine how and where data may be stored or shared all fall under this branch.
Disaster recovery and business continuity define how an organization responds to a cyber-security attack or any other event that causes the loss of operations or data. Disaster recovery policies guide how the organization restores its operations and information to go back to the same operating capacity as before the event. End-user education addresses the most unpredictable factor in cyber-security: humans. Any individual can accidentally introduce a virus to a relatively secure system by failing to follow good security measures. Making users learn how to adhere t\o various other important lessons is key for ensuring the security of any organization.
THE SCALE OF THE CYBER THREAT
The global cyber security threat continues to evolve at a galloping pace, with an increasing number of data breaches each year. A report prepared by Risk Based Security presented that a shocking 7.9 billion records have been exposed by data breaches in the first nine months of 2019 alone. This figure is more than double (112%) the number of records exposed in the same period in 2018.
The types of threats on an international scale and local scale vary.
Alternatively, the common 3 local attacks include:
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
SQL Injection is a code injection technique that might destroy your database. SQL injection is one of the most common web hacking techniques.
Drive by Download is a download that occurs when a user visits a malicious website that is hosting an exploit kit for malware attacks. The exploit kit will look for a vulnerability in the software of the browser, and inject malware via the hole in the security.
ARTIFICIALLY INTELLIGENT CYBER SECURITY
Artificial intelligence has assisted the medical, automobile and marketing industry greatly in the recent past. Currently, AI is being used to help in the fight against cyber crime. With the help of AI, organizations can fight back using more with an edge than just commercial security systems.
By incorporating artificial intelligence within security systems, individuals and machines can learn from the data collected and use it to have an edge over perpetrators. AI centric cyber security systems can provide updated data of global and industry specific threats to help make critical prioritization decisions based not only on what could be used to exploit your enterprise, but based on what is probable to be used to attack your enterprise.
RISE OF THE MACHINES’ LEARNING
With developing cyber security programs, artificial intelligence is being intertwined with machine-learning platforms. These combinations of both platforms have promising prospects as they are being combined with artificial intelligence and cyber security technology in attempts to prevent hackers from gaining access to private data.
Machine learning is a type of artificial intelligence used in the majority of cyber-attack prevention. It allows machines to learn without being explicitly programmed. It focuses on developing computer applications that have the ability to change when exposed to new data, thus making the fight against hackers more effective. Through the incorporation of algorithms that learn from the information, machine learning allows computers to find hidden figures without being specifically programmed where to look.
This is an amazing development for the cyber security industry. As cyber-attacks evolve and adjust to get around overprotective mechanisms, security professionals have to focus on the more severe risks first. Artificial intelligence is the key to allowing cyber security systems to carry out human-like tasks and provide first-hand protection. The industry is quickly evolving and with the addition of artificial intelligence, machine-learning can be a step in the right direction towards improved greater security.
OFFENCE VS DEFENSE
Presently, AI is used in a limited manner in mostly defensive cyber security as opposed to offensive (exploring and detecting vulnerabilities). However, Mahdi predicts not only there will be unprecedented growth in the use of AI but Machine Learning and AI will attain a lot of traction in offensive cyber crime.
Advantages of AI Cyber Security
- AI can handle the increasingly rising volumes of threats
- AI cyber security can learn over time
- Artificial Intelligence has the ability to identify unknown threats
PEOPLE BEHIND THE PROGRAMS
In Bangladesh enterprise solutions like Wireshark, Splunk, Stealthwatch, Asa and Bit defender are commonly used to avert hackers. Nevertheless, investments need to be made in more skilled professionals for the cyber security industry. Policymakers will need to create the pipeline with a proper product and people marketplace. Otherwise enterprises may fall prey to malicious intent and learn the hard way. Mahdi shared with me that only the most skilled workers who know how to work with cyber security and are familiar with AI can survive in top managerial positives. AI’s efficiency itself will root out the entry level jobs.
POLICIES FOR PROGRESS
Top 5 things to do policy-wise to ensure cyber security for businesses:
- Make cyber security a priority and set up a strategy
- Promote awareness among employees
- Provide firewall security for your Internet connection
- Create a mobile device action plan
- Make back copies of important information and Data
THE MORAL DILEMMA
In my conversation with Mahdi, I predictably asked him about the example of the Terminator 3 movie plotline. With AI becoming an increasing reality in our lives could such a system built for cyber security, eventually lead to our bane?
Mahdi gave a disclaimer in this regard. AI does not share the same principles as we do. Hackers in the future may use AI for harm. If in a possible future where AI may combat with AI, the human collateral in terms of loss of infrastructure, resources, personal data and most importantly lives (all linked via the internet) in emotionless war is indeed one to be worried about. We can hold a human accountable but it is not so easy to demand answers from a machine.
ODE TO THE FUTURE
According to a Forbes report in 2019, 61% of companies said they cannot detect breach attempts today without the use of AI technologies and 48% said their budgets for AI in cyber security will increase by an average of 29% in Fiscal Year 2020. The numbers greatly speak for the current and future adoption of AI as well as its need in the continuously evolving digital world. Hackers too will learn and grow with technology. It’s imperative that enterprises invest in the right people with the programming power so that we come out on top of the battle in cyberspace.