AI to be used to create advanced tools to support Cyber Experts

In a chat with VARINDIA, Keith Martin, F-Secure Head Asia-Pacific and Japan for Corporate Business, discusses about the current cybersecurity landscape in India, AI, cybersecurity, ransomware, etc.

India has come a long way in the field of cybersecurity by taking major steps with policies that were incorporated in 2013. Also, the government has initiated Computer Emergency Response Team (CERT-In) which helped the country to address the cybersecurity challenges. Apart from these developments, there are other initiatives like Digital Swachhta Kendra and CISO to better address cybersecurity concerns.        

“India has worked incredibly hard on the cybersecurity front. The National Cyber Security Policy was incorporated as early as 2013. The policy aimed at developing a secure and resilient cyberspace for Indian citizens and businesses. Additionally, it launched its own Computer Emergency Response Team (CERT-In) back in 2004, but supported the nation’s determination to dynamically address the burgeoning cybersecurity challenges. MeitY (Ministry of Electronics and Information Technology) launched Digital Swachhta Kendra, a botnet cleaning and malware analysis centre, in 2017 as botnet-based attacks increased on a global level. It had also instituted a federal CISO to spearhead and monitor cybersecurity policy, planning, and implementation,” says Keith Martin, F-Secure Head Asia-Pacific and Japan for Corporate Business. 

Martin further adds, “Something that isn’t recognized on a macroscopic level is that India is also equipped with two-factor authentication for online payments. This decreases its exposure to fraudulent transactions. The country also constantly collaborates with industry partners, as well as international players, and is benefited by this threat intelligence collaboration. These initiatives and collaborations add to the nation’s defensiveness as it emerges as a promising digital market across the globe.” 

Artificial Intelligence and Cybersecurity

The upcoming technologies like Artificial Intelligence (AI) will support cybersecurity fields with advanced tools. The researchers in cybersecurity can also leverage AI to analyze huge sets of data for abnormalities and malicious behaviour.         

“Artificial Intelligence will be used to create advanced tools and automation to aid experts in the cybersecurity field. This effort is already under way. Artificial Intelligence techniques allow cybersecurity researchers to analyze large data sets, and high-volume streaming data, on-the-fly, for anomalies and patterns indicative of malicious behaviour. Machine learning models, deployed on both clients and backend systems, are already being used to detect anomalies in computing infrastructure. Artificial Intelligence will give cybersecurity researchers more time to work on creative solutions to problems they’re seeing in the field. That knowledge will then be used to create even better tools and models for the future,” explains Martin. 

Ransomware

F-Secure, in a recent report, discussed thoroughly about ransomware which reveals that it remains a serious threat. Elaborating more on this, Martin explains, “We have ourselves recently released the Changing State of Ransomware, wherein we have thoroughly discussed how ransomware still continues to be a substantial threat. A fact that easily goes unnoticed as we talk about prominent ransomware attacks, including WannaCry, is that they’ve largely had a very limited scope of attack. For instance, WannaCry targeted limited versions of desktop OS, leaving other operating systems, mobile devices, and IoT framework out of its purview. Had that been so, it would’ve dealt an exponentially greater damage to the global IT infrastructure. The only way to safeguard ourselves from such likelihoods is by protecting each and every layer of our digital perimeter that stands to be vulnerable. It can be done by a range of F-Secure products and services based on individual business requirement and IT framework.”

Safeguard from Cyberattacks 

Though in recent times we have not noticed any cyberattack based on AI or Big Data, but there is a possibility of such kind of attacks which cannot be overlooked. If this takes place, many global IT systems will crumple.  

“Technology, as advantageous as it is to us, offers a similar advantage to cyberattackers as well. Thankfully, we haven’t yet observed advanced Artificial Intelligence and Big Data-driven attacks, but it is still an imminent possibility. Global cyberattackers are, sooner or later, going to develop new TTPs (Tactics, Techniques, and Procedures) using these state-of-the-art technologies, and if they manage to do it effectively, a majority of global IT systems are destined to collapse,” mentions Martin.  

Explaining further, Martin adds, “In cybersecurity, the best protection has always been in maintaining a prudent approach vis-à-vis the prevalent and emerging challenges. At present, the average industry dwell time is 99 days. This means a cyberattacker has an undetected access for an average period of 99 days within a network until the threat is finally detected and remediated. However, at F-Secure, we’re able to detect and conduct remediation within 30 minutes by leveraging disparate technologies, including Artificial Intelligence. Businesses must cherry-pick cybersecurity solutions, considering what they stand to lose in an eventual cyberattack. And as the cyberattacks are continuing to become more dynamic, it is apparent that they stand to lose everything.