One Article Review

The article:
Source AlienVault Blog
Identifier 461314
Publication date 2018-01-29 14:00:00 (seen: 2018-01-29 14:00:00)
Title Hackers Using AI? An Increase in the FUD Factor
Text It’s hard to envision hackers, whether skiddies, APTs, or anything in between, using any sort of artificial intelligence (AI) or machine learning (ML) to attack a target network. Despite the availability of these sophisticated technologies, the most simplistic attack tactics continue to work. Enterprises aren’t patching known vulnerabilities; freely available malware can run in memory undetected; users continue to click on links they receive in email or allow macros on that innocent-looking office document; and internal network logs are often not collected and even more rarely kept for any period. If these methods work, why would adversaries turn to more complex solutions like AI or ML?

Looking back on 2017, perhaps the biggest takeaway is that the most obvious methods still work. Adversaries seek the greatest mission gain with the lowest amount of resources expended and equities exposed. For example, Equifax wasn’t pwned by a fancy ZeroDay exploit or an insider with a USB drive; PII on millions of consumers wasn’t culled from S3 buckets because Amazon’s infrastructure was hacked by an APT; WannaCry wasn’t the result of a ZeroDay vulnerability; and people (amazingly) clicked Yes to download an update to Adobe Flash, giving us BadRabbit! Sticking with what works continues to pay off for all adversaries, irrespective of their resources, motives or intent.

So, what’s with the fear mongering over hackers using AI and ML to attack their targets? AI (by which I mean both Machine Learning and AI in general) is the gift that keeps on giving. Most in the InfoSec community agree that AI has its place in the defense of the enterprise. The problem is that few people understand how AI works or how to best apply it, and many cybersecurity companies take advantage of this situation by making fancy-sounding claims about the number of models they apply to the data or the types of mathematics they use to generate results. These claims generally go hand-in-hand with a dark-themed user interface with some sort of spinning globe or pew-pew map.

And while defenders work to sift through the marketing blather and outrageous claims about cybersecurity products that use AI, some in the security world take further advantage, and extend the FUD further: what could be better to sow fear and confusion than claiming that hackers are now using AI to attack your network? The more observant in the InfoSec community have noticed that this language tends to originate with companies that stand to profit on the very same FUD that permeates the market.

This FUD spreading takes on a few different forms, often by way of polls, as in, how many people believe hackers will use AI. There’s been a few of these polls where more than 50 percent of the respondents agree that this is a real threat. For the life of me, I can’t understand why. The other way is through companies that make the claim. This comes in the form of sponsored posts on various InfoSec news sites, or interviews with company executives. There have been claims made about adversaries detected and intrusions executed using AI; while this may come to pass in the future, it’s incredibly unlikely any time soon. There are simply too many ways for adversaries to attack networks and accomplish their objectives using far more simplistic and less risky tactics. An adversary who has mastered the use of AI in their operations would only use it for the hardest of the hard targets, and even then, they’re likely to find an easier way to achieve their objective.

Yet, it’s important to note that the academic and security-minded research into hackers’ use of AI is real, and important. Adversarial machine learning is one angle. This work is important; it helps understand the cap
Sent Yes
Tags
Stories Wannacry Equifax
Notes
Move


The article does not appear to have been picked up after its publication.


The article does not appear to be a follow-up to an earlier one.