Cyber threats are growing more serious, and artificial intelligence could be the key to security Posted on : Apr 22 - 2017

In a constantly evolving digital threat landscape, where firewalls and antiviruses are considered tools of antiquity, companies are looking to more technologically advanced means of protecting crucial data.

One such firm, U.K.-based Darktrace, uses machine learning capabilities — advanced algorithms that can adapt and learn — and probabilistic mathematics to learn the normal 'pattern of life' for every user and device in a network and detect anomalies. Their technology is modeled after how a human immune system identifies and responds to foreign threats — swiftly and without compromising the human body's key functions.

"The philosophy of our entire portfolio, or our approach, is largely based on this DNA: human immune system," Sanjay Aurora, managing director for Asia Pacific at Darktrace, told CNBC. "How have human beings, for millions of years, thrived and survived? (It) is because of our immune system. Almost every day, we're hit by unknown unknowns, which is the way organizations are also hit ... in terms of viruses and malware."

Experts point out the cyber-threat landscape has drastically changed and that criminals are now using more advanced technologies to launch sophisticated attacks. Even a few years ago, launching a distributed denial of service attack to take down a website, defacing webpages and stealing credit card details were considered major instances of cyber-attacks. Today, anything from medical records to airline miles — data that can be sold — are considered targets.

Detecting criminals who have breached a network has become harder because they maintain a low profile once they're inside. A recent report from cybersecurity company FireEye showed organizations on average took 99 days in 2016 to realize they had been breached. While that figure improved notably from the average 146 days it took in 2015, experts say attackers can do a lot of damage within that time.

In the past, attacks were extremely noisy, according to Eric Hoh, president for Asia Pacific Japan at FireEye. "Your computer would stop working and you'd know about it. There'd be a message that'll show on your computer and you'll know about (the attack)," he told CNBC.

Today, Aurora said, attackers are spending weeks, months and years looking for crucial information inside a network. More worryingly, he said, cyber-attackers are focused on not only stealing the data but also altering them without detection. If an attacker can alter a single row or column of data in a database once a month, undetected, in the long run the consequences can be severe because companies would find it hard to distinguish between real and fake. For example, if electronic medical records are altered without the knowledge of doctors and nurses, it could potentially lead to misdiagnoses that could put patients' lives in danger.

"This is the real scare, to not just a particular industry of a particular size, but to everybody. It is a matter of existence," said Aurora.

That's where Darktrace's artificial intelligence system comes in, with the latest technology offering called Antigena. Once a threat is identified, Antigena automatically responds by taking proportionate actions to neutralize it and buy security teams enough time to catch up. In essence, it acts like a digital antibody that can slow down or stop compromised connections or devices within a network without disrupting normal business operations. View More