Using AI to Stay One Step Ahead of Cyber Criminals
The history of hacking shows that bad actors use good technologies for bad purposes. Machine learning is no different: it has never been easier for white hats and black hats to obtain and learn the tools of the machine learning trade. Software is readily available at little or no cost, and machine learning tutorials are just as easy to obtain.
Although adoption of machine learning among hackers is still limited, there are criminals using it for bad ends. A major example is the Business Email Compromise (BEC) campaign, which the FBI identified in 2015, and still tracks today. Intel Security, in the McAfee Labs 2017 Threats Predictions report, breaks down the sequence of events in a typical BEC attack, and shows how, where, and why they believe the perpetrators are using machine learning to facilitate their efforts—and improve their bottom line.
The BEC campaign targets high-end executives and their contacts, and uses falsified emails to dupe victims into making bogus payments. The McAfee Labs report argues that machine learning is used primarily for target acquisition. By compiling data from public sources—financial reports, news articles, social media posts and connection network—machine learning can optimize the choice of victim, and identify the types of attack to which a target is most likely to respond.
Nevertheless, machine learning is one of the best tools we have to efficiently and accurately analyze data and make it actionable to stop cyber criminals. But we need to keep up the pace of innovation in both the public and private sectors to develop and implement new technologies that will help us stay one step ahead.