How deep learning tech is changing the cybersecurity game

APART from highlighting the digital vulnerabilities in tertiary education institutions, the revelation of cyber attacks on four main Singaporean universities last week has caught the attention of cybersecurity experts.

One of them is Stuart Fisher, Senior Vice-President of Deep Instinct, a cybersecurity startup that sees itself revolutionizing the cybersecurity industry through the application of deep learning.

To recap, the Cyber Security Agency of Singapore (CSA) and the country’s Education Ministry said last week that they received information about the breaches affecting at least 52 online accounts.

The incident was found to be a phishing attack where unsuspecting users were directed to a credential harvesting website. Credentials were then used to gain unauthorized access to the institutes’ library website to obtain research articles published by staff.

Fortunately for the universities, no sensitive information was leaked, and the incident did not appear to be linked to other attacks last year. However, it now serves as a stern reminder that something drastic must be done to thwart repeated attempts by cybercriminals.

Weighing in on the matter, Tech Wire Asia reached out to Fisher for his insights on how universities, and even companies, can keep up with the cybersecurity game by leveraging deep learning’s predictive capabilities.

How deep learning technology is changing the game of cybersecurity in Singapore and beyond, preventing hacks before they happen and keeping organizations of all kinds and sizes ahead of security issues

With millions of highly malicious and automated malware mutations created every day, Cyber Security Agency of Singapore reported that cybercrimes in Singapore nearly doubled in proportion between 2014 and 2016, rising from 7.9 to 13.7 percent. Year on year, the amount that Singapore-based companies lose due to data loss or unplanned downtime from cybercrime keeps increasing, indicating that traditional cybersecurity solutions are no longer effective protection against ever-evolving threats

Deep learning is the most advanced subset of artificial intelligence. Also known as “deep neural networks,” and is inspired by how the human brain works. The more data that is fed to the machine, the better it is at intuitively understanding the meaning of new data – and, therefore, does not require a (human) expert to help it understand the significance of each new input. Over the past few years, deep learning has reached a 20-30 percent improvement in most benchmarks of computer vision, speech recognition, and text understanding. Deep Instinct is the first company to apply deep learning to cybersecurity.

How lack of proper security measures exposes enterprises and institutions to attacks

Cybersecurity threats remain one of the biggest challenges for the enterprise as they are becoming growing targets for cyber-attacks because they are perceived as low hanging fruit.

The scale of security spending will increase as cyber threats and their business impact become common knowledge. Attacks are becoming more frequent and intelligent, and organizations are engaged in an arms race to protect themselves.

Real-time identification – utilizing a deep learning prediction model – prevents known and unknown malware from harming the system.

Ongoing, proactive protection should appeal to enterprises that need to protect their assets against constantly evolving cyber threats. The growing number of endpoints, mobile devices and IOT devices will continue to dramatically increase the security risks of enterprises.

How weak passwords are major attack vectors for most data breaches

Most data breaches are caused by the “human factor.” Within this category, weak passwords continue to be a major attack vector.

According to the 2016 Verizon DBIR, legitimate user credentials were used in most data breaches, and 63 percent of these breaches involved using weak, default, or stolen passwords.

The major risk posed by weak passwords is that hackers can easily succeed in their brute force attacks, which are attempts to crack the password and gain access to the user’s account. This makes it very easy for a hacker to penetrate into a company.

Why prevention is better than detection, and how all organizations should be thinking about advanced security measures as more and more data is generated and stored-

The focus of cybersecurity will continue to shift from detection to prevention. With the daily growth of zero-day threats and APT (Advanced Persistent Threat), attacks, endpoint security solutions offering detection without genuine prevention no longer suffice.

Quicker post-breach prevention analysis will surface as critical in enterprise security methodologies

Additionally, the increase in new zero-day attacks that can evade sandboxes and the prevention limitations inherent in detection based dynamic-forensics (most EDRs) give rise to cybersecurity solutions that can provide real-time prevention and not just detection.

With the convergence of End-Point Protection (EPP) and Endpoint Detection Response (EDR), traditional endpoint protection and antivirus vendors will start integrating EDR capabilities.

“‘Detection only’ isn’t acceptable anymore – with the ransomware epidemic, it can be too late from time of detection to taking action. Therefore, autonomous real-time prevention is the only true security measure.”

---

---

---

---