show image

Security chiefs are increasingly turning to AI to combat malware

Chief information security officers are increasingly turning to AI to combat the mounting scale and intensity of malware attacks, new research has revealed.

Cisco’s annual survey of CISOs found that 39 per cent are reliant on automation, while 34 per cent depend on machine learning and 32 per cent rely on AI.

The research revealed that one in five UK respondents observed between 250,000 and 500,000 security alerts a day last year. But the report indicates that attacks are not just becoming more prevalent; they are also increasing in sophistication and impact.

Cisco found that more than half of attacks cost more than $500,000 a year. It also unearthed a threefold increase in encrypted network communication used by malware.

“Last year’s evolution of malware shows adversaries are becoming wiser at exploiting undefended gaps in security,” said John N. Stewart, senior vice president and chief security and trust officer, Cisco. “Like never before, defenders need to make strategic security improvements, technology investments, and incorporate best practices to reduce exposure to emerging risks.”

One of the reasons cited for the rising number of complex attacks is the variety of different vendors used by each business. In last year’s survey, 18 per cent of respondents said they used products from 11-25 vendors. This year, 25 per cent did. Correspondingly, the proportion of breaches affecting half of respondents’ systems doubled from 15 to 32 per cent.

Another reason for the costliness of attacks, the researchers suggest, is that malware is increasingly used to cause maximum damage to systems, rather than simply to generate a ransom fee, as the NotPetya attack demonstrated last year.

Ukraine’s central government and national bank were among the first organisations to be hit by the virus. It went on to strike British advertising giant WPP, French construction materials company Saint-Gobain and several other global businesses. The president of Germany’s cyber agency, the BSI, later revealed that the virus had caused millions of euros of damage in the country, with some factories forced to stall production for more than a week.

Commenting on the findings of Cisco’s report,  Fujitsu’s Bryan Campbell said companies need to be concerned not just with protecting data, but the entire operation of the company: “As we have seen in the past year, cyber-attacks can set out to completely paralyse organisations at a national and international scale, creating havoc, and resulting in a complete shutdown of services.”