Artificial Intelligence’s Deep Learning, A New Cybersecurity Tool?
Among machine learning developments, deep learning is a major technological breakthrough. With the development of deep learning, programs for enhanced image recognition technology and games including Pokemon Go have come to pass. Advantages in Artificial Intelligence is likely to apply to anti-virus technology as well, rendering the currently anemic signature-based and heuristics-based antimalware obsolete. The reason is the current state of cyber attacks are becoming sophisticated, as the cybercriminals also practice research and development.
For example, the current cyber attack uses malware at a rate of 90% or more, and it is said that some attacks are being launched using malware at a rate of about once every five seconds. In the case of such a method of attack that allowed cybercriminals to break into the system, it was said that it was within one minute. Under such circumstances, conventional malware detection technology lists and detects data on malware characteristics called signatures, which is also limited. If new malware appears, it will not work unless you provide a corresponding signature.
In other words, malware without signatures is not detected, and it can not be detected until new signatures are created and the characteristics of the malware are grasped. But will it evolve quickly and catch up with malware that is customized to your target? It is also pointed out that there are a large amounts of malware that cybercriminals have created to try to evade antivirus. It is an attempt to evade signature-based malware detection by changing the content of the malware a little and creating a large amount of derived malware in order to avoid detection by signatures.
For these reasons, it has been pointed out that detection of malware with conventional antivirus functions has limitations. Therefore, more effective measures are needed, as the world is facing massive accessibility and sharing of information, all of which comes with risks:
Information leakage due to internal fraud
No matter how much security measures are taken with tools and systems, the damage caused by human disasters will not disappear. It is also reported that the staff of the company handling the information illegally uses customer’s personal information. Information to be abused includes credit cards and security codes. If it is the conduct of a trusted corporate employee, the customer has no way to prevent it and it also relates to social trust.
Attack targeting smartphones and smartphone apps
There is an increasing number of cyber attacks aimed at smartphones and smartphone applications. There is also a virus that infects smartphones, and malicious ones that extract information to a seemingly convenient free app have been confirmed. If smartphones used exclusively for business are abused, the damage to the company can be enormous.
Unauthorized use of Internet banking and credit card information
One of the most noticeable personal cyber damage is the removal of information from online banking and credit cards. Account-related information often leaks from virus-infected PCs and smartphone apps. Based on the stolen information, it leads to the result that Internet banking and credit cards are abused.
Damage caused by ransomware
Among cybercrime, the damage caused by ransomware, which is a type of malware, has been a topic in recent years. It is patterned that the PC that has invaded the malware is broken down and the ransom is paid for the information and system restoration. For a company that deals with information, the damage that makes the important information a hostage will be a great loss.
Damage caused by targeted attacks
Targeted attack refers to launching a cyber attack targeting a specific company. As a typical targeted attack, there is a method of sending an email with a virus attached to employees and departments of IT companies that are targeted. Unlike conventional spam emails, they are malicious because they can not be distinguished from regular emails at first glance. Infection with a virus or malware interferes with the operation of the system.