By Doron Chema, CEO, and Co-Founder of L7 Defense
Cyber attacks have entered a new age. Very advanced attacks coming from IOT botnets are leaving companies stumped as they just don’t have the tools to deal with such advanced malicious technologies.
As the number of Internet of Things (IOT) devices grows every day (expected to reach over 30 billion by 2020) so too does our reliance on them. But as we become more reliant on them, they become a bigger target for hackers who can use sophisticated attacks to hit unsecured connected devices. Distributed Denial-of-service (DDoS) attacks, for instance, are increasingly common and have the potential to critically harm the way we live our lives.
But now, hackers have upped the ante. They’re using Artificial Intelligence in DDoS attacks. Dealing with DDoS attacks without the use of AI is difficult enough. With AI, cybercriminals can render cloud services useless and do so without getting caught. The outcomes can be terrifying.
But, there is hope. To fight against AI-driven attacks, cyber defense systems need to use AI technologies as well. Moreover, this next generation of defense needs to be more advanced than the attackers. Let’s look at how that can happen.
The rising use of AI and machine learning in cyber attacks
IOT systems are being attacked because they are often exposed, always-on devices, with low-security standards. They are often rarely monitored, which allows hackers to easily shut down or enslave large numbers of them.
And as costly as the attacks, they’re also becoming very difficult to stop as AI and machine learning is being used by hackers to launch powerful, debilitating DDoS attacks.
It makes sense for hackers to use technology like this as it can allow them to send out malicious material at a much quicker rate than a human. Let’s take the distributed denial of service (DDoS) attack type as a typical example. Previously, taking down web system took time. A classical bot attack used a simple “attacking signature” from a single source IP address and humans had to perform the attaching function. This progressed eventually to simple scripts with loops, known as a denial of service (dos) attack. Later
This progressed to distributed denial of service (DDoS) attacks – the use of multiple sources to launch the attack over a larger surface. This then changed to become more automatic over time – albeit still needing a human to run the script. More recently IOT botnets push more power to the process as making the whole process more automatic and dynamically controlled, including the source IPS, number of different attacking vectors, the parameters at each, etc.
Though with attacks that use AI on top on these auto-capabilities, a human is not needed, and the fully automated botnet machines can be controlled and change by their attacking signatures when one doesn’t work. Attacking systems like this can rapidly change the attack, quickly, outsmarting the defense systems.
The problem is further exacerbated with the randomness of internet traffic: it can be difficult – or nearly impossible – to differentiate legitimate internet traffic from malicious traffic. This is often seen as the biggest problem in preventing DDoS attacks.
This, combined with advanced AI attacks, is causing a crisis for companies who don’t have the kind of advanced technology to fight against it. What is needed is the next generation of cyber defense systems which is more advanced than the threat.
To fight against AI-driven IOT botnets, a cyber defense system built on AI is needed. The AI system needs to be very precise and able to auto-learn. It should also be able to deal with multiple problems and change its defense method at the same rate the attacker changes.
The new generation of attackers is constantly learning and changing its techniques, and the next generation of AI cyber defense systems will need to do the same. Currently, there are few cyber defense systems that use “supervised learning”. But building this kind of system requires training with a stable set of data before it can be used. And as internet traffic is difficult to deal with in its very nature, due to its changing volume and content types, this approach just doesn’t cut it against AI or machine learning-based attacks as it is unable to understand what is going on.
Therefore, to really be effective, the new generation of defense systems needs to learn by itself that there is new data which can cause damage, analyze it, and decide to stop it in its tracks, or not. These capabilities demand using the “unsupervised learning” approach. It will have to be able to pick up on the most complicated patterns from internet traffic to spot potential attacks. The technology will not need to be trained. Just Like a human immune system, it should adapt itself and change to the incoming threat, with no need to learn from previous threats how to react.
Catching up – and quickly
As mentioned before, attackers are using more advanced technology than ever, costing companies more money than ever and threatening the very way we go about our lives. This year, a report about the malicious use of AI said that hackers could use the technology to change society if they wanted, adding that we should “prepare for the next wave of attacks”.
Using AI to hack IOT devices threatens everyday human existence. A powerful new generation of cyber AI defense is what is needed to tackle this crisis.
About the Author
Doron Chema is the Co-Founder of L7 Defense in Israel. With over 15 years of experience in a variety of Managerial IS/IT roles, Doron specializes in Project and Program Management, Enterprise and Internet Application for fields such as medicine, CMS, Forex Trading, ERP and CRM, as well as the billing and e-commerce for enterprise and mobile apps.