Translate to multiple languages

Subscribe to my Email updates
Enjoy what you've read, make sure you subscribe to my Email Updates

Thursday, November 30, 2017

Criminals look to machine-learning to mount cyber attacks | SC Magazine UK

"Artificial intelligence will increasingly be used by hackers to create new forms of attack" says Rene Millman, SC Magazine UK.


Cyber-criminals will use artificial intelligence and machine learning to outwit IT security and mount new forms of cyber-attacks, according to predictions made by McAfee.

Speaking at the launch of the IT security company's threats predictions report, launched at its MPower conference held in Amsterdam, McAfee chief scientist Raj Samani said in an interview that criminals will increasingly use machine learning to create attacks, experiment with combinations of machine learning and artificial intelligence (AI), and expand their efforts to discover and disrupt the machine learning models used by defender.

He said that machine learning will “help criminals to speak in a native language when carrying out a phishing attack”. This would improve their social engineering—making phishing attacks more difficult to recognise.

In response, those charged with defending IT infrastructure will need to combine machine learning, AI, and game theory to probe for vulnerabilities in both software and the systems they protect, to plug holes before criminals can exploit them.

Samani also predicted that ransomware will evolve from its main purpose of extortion to something different.

“The growth of ransomware has been much discussed. But in reality, it has blended and morphed into something else. Threat vectors can be a smoke screen. Ransomware [in some attacks] was used to distract the IT department. What we see is a growth of pseudo-ransomware.”

He added that whatever the attack may be, “we'll always be able to tell the motivation, but not immediately”. This distraction attack will be done in much the same way as DDoS attacks have been used to obscure other real aspects of attacks. These could be “spectacular” proof-of-concept with the aim of engaging large organisation with mega-extortion demands in future.

Read more... 

Source: SC Magazine UK