Lately, Artificial Intelligence (AI) and Machine Learning have taken the cyber-security industry by storm. Although the industry is growing rapidly, it is heavily understaffed which is where these new technologies come in to play. Cyber-attacks have become more prevalent and the lack of manpower has been overridden by AI, which allows for a more efficient process. Some of the products being marketed require the developers to label algorithms for the machine, such as reviewing and labeling different code as malicious or not malicious. The rush to get these products out to clients leaves loopholes for attackers due to the lack of scrubbing for anomalous data points. This can cause problems such as attacks being missed because the machine does not recognize them, or hackers can access the system and switch parameters to make malware-infected code to appear as clean. Microsoft is attempting to prevent these issues with their Defender Threat Protection Service. It uses a sundry set of algorithms which means if one algorithm is compromised it will find the anomaly, so the other algorithms recognize it in the future. None of this means that AI and Machine Learning shouldn’t play a valuable role in cyber defense tactics, but it should be a wakeup call for developers and security professionals alike as they continue to create tools to better the industry.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased