Fighting Fire with Fire
Thorsten Kurpjuhn, European Market Development Manager at Zyxel, discusses the role artificial intelligence technology is playing in shaping the security landscape.
Artificial intelligence (AI) is simultaneously exciting and terrifying for us all. It promises to provide us with new insights and understand changes and what they mean, almost as they happen. Armed with such immediate and intelligent insights, we can respond faster, take advantage of opportunities and address potential issues before they become real problems. It’s this latter capability that is changing the approach that Zyxel – and indeed the whole network security industry - is taking to threat protection.
Cybercriminals are always quick to exploit the latest in technology and AI is no exception. We are already facing a cybercrime pandemic, and the global cost has now reached $600 billion according to a recent report from McAfee.
The impact will be felt even more during 2019 as cybercriminals start to take advantage of AI to create new threats capable of circumventing the defences of a conventional firewall. Every network and device will be at risk from the new generation of AI-powered crypto-viruses, which – with built-in intelligence – are smarter than anything we’ve seen before and capable of learning new tricks. A virus may, for example, be able to simply go to sleep for several days, by which time it will have been identified as harmless, only to wake up and start causing problems.
To counter these more sophisticated threats, we need the advanced threat protection (ATP) that Zyxel is now building into all its firewall solutions. ATP uses AI to detect and silo potential threats before they have any chance to be deployed.
The primary method used in ATP is sandboxing. This examines activity at the processor level, in real-time, detecting and blocking anything that looks like it could be malware and shutting it away in a protected area of the system before it can do any harm. These potential threats are then analysed using AI and the very latest data available to the ATP system. The cloud is thus a vital part of the ATP system, as it provides the means through which all users of ATP can share information about new threats, almost instantly.
As already mentioned, ATP is already being offered on the latest generation of Zyxel firewalls and we will start to see it become the primary method used to counter more sophisticated AI-powered threats.
It is very much, a matter of fighting fire with fire. Hackers and cybercriminals will inevitably use AI and machine learning in more and different ways to try and get around network defences. Our job in the network security industry, is to stay one step ahead and make even better use of AI to counter them. The cloud is a vital weapon in our armoury. By using it to share up-to-date information on new and potential threats, we can help everyone stay safe and keep the cybercriminals at bay.