AI And Security

Ransomware has become a major issue, Surace said, adding that it is already putting lives at risk and giving rise to the term “killerware.”

AI is starting to be deployed in networks looking for unusual activity that would indicate a cybersecurity breach, he said.

“AI is really looking for unusual activity, activity we would not expect from that sysadmin or from our employees or whatever,” he said. ”It‘s good. In fact, it’s quite good, but it’s not good enough to keep ransomware from growing through the roof, including companies who have already paid up. And the AI is getting way better. And what happens? The ransomware, the kids in the basement, whatever, are also getting better and then trying to thwart this. They’re trying to sneak in and actually just do things that look like an employee. Because if you look very much like what an employee would be doing, it’s very hard to distinguish you.”

The problem is not the system, Surace said.

In a hospital, for instance, the problem lies with doctors who are wonderful medical practitioners but terrible security specialists with access to every patients‘ medical records and the authority to change or delete them, he said.

“They do not understand network security, and every single one of them use their daughter‘s name as their password,” he said ”And 80 percent of them, I can find their credentials on the dark web.”

Surace said about 84 percent of all phishing attacks are aimed at finding the credentials that will allow cybersecurity attacks, making credentials a priority to secure. However, he said, a fix would require IT systems that could ensure 100 percent accuracy in identifying authorized users.

Unfortunately, the identification information needed for such accuracy could not be stored in a network because networks are hackable, he said. Keeping such information available online means that information can always be decrypted even when it is encrypted by using the applications that wrote the data, he said.