Darktrace’s new AI automatically stops cyber attacks

461 views
0

WHY THIS MATTERS IN BRIEF

  • AI’s are increasingly being deployed to expose and eliminate cyber security threats and now fully autonomous cyber security platforms, that take humans out of the loop, are becoming a reality


 

With the number of cyber attacks rising exponentially and with many organisations now reporting hundreds of thousands of attacks an hour, or more, it’s no secret that human cyber security analysts are struggling to keep up with the pace, and variety of attacks. Consequently it’s little wonder that vendors are turning to artificial intelligence (AI), such as the Robo-Hackers that took part in DARPA Capture the Flag Challenge, to automate as much of the process as possible – from identification to remediation.

 

RELATED
Canadian province votes to trial Universal Basic Income

 

A few years ago Darktrace, a cyber security company founded by a team of mathematicians and machine learning specialists from the GCHQ, MI5, and University of Cambridge, broke cover and announced its revolutionary new approach to identifying  and countering zero day and other hard to find cyber attacks. Maths and artificial intelligence (AI). A truly deadly combo.

What made the company unique though, and one of the reasons why it’s now one of the darlings of the cyber security industry with more Fortune customers on its books than you can shake a stick at, was its approach – they created what they call an “Enterprise immune system,” fashioned after the human immune system. Think of how the human body is able to identify, respond to and eliminate bacteria and diseases it’s never encountered before, and now apply that same concept to cyber attacks, and you’ve got the basic concept.

 

An overview of Darktrace’s Artificial Immune System
 

Now, Darktrace has unleashed a new weapon in its cyber security arsenal, a product called Antigena that generates the equivalent of “Digital antibodies,” small snippets of antibody like code which permeate an enterprise organisations network looking for threats that can identify in progress attacks and either counter them, automatically, and create self-defending networks, or slow them down enough to let human security analysts get a handle on them.

While Antigena is still pre general release it already seems to have at least one guaranteed customer after it automatically identified and stopped a Brexit themed data protection threat. Think Snowden on a miniature scale, anglicise him, and you get the idea.

One company that trialled the system was recently alerted to an insider threat, and while it was a mundane “attack” it’s also one of the most common and one of the hardest attacks to identify and stop. In their case a previously exemplary employee had reacted angrily to his company’s strategy for dealing with Brexit and had dug out confidential documents with the intention of leaking them, but Antigena spotted the move and terminated it.

 

RELATED
Intel enters the self-driving car market

 

“It’s an interesting example, not because of Brexit, but because this staffer never leaked anything in the past and he had a perfect track record,” said Dave Palmer, DarkTrace’s Director of Technology, “this made such a threat hard for human analysts to spot and counter, but [our system] blocked the documents from leaving the organisation.”

“Antigena is all about making smart or autonomous decisions and actions to stop the unexpected from happening so we can buy security teams time to respond,” said Palmer, “the system has your back on things that you weren’t expecting to happen.”

For its part Antigena also, genuinely, appears to be learning, and Palmer rather strangely suggests that customers don’t even look at it for the first week, saying that it accumulates most of its crime fighting intel during the first month, peaking at a year of learning on a system.

Some attacks though are easier to spot than others and it requires subtlety to notice a carefully crafted insider attack, while a ransomware attack, on the other hand “looks like a “bomb going off in the environment.” But just noticing an attack isn’t enough because in the majority of cases by the time they’ve been identified it’s already too late to stop them and it just becomes a damage limitation exercise – that’s where Antigena steps in to neutralize threats automatically.

 

RELATED
Chatbot overturns 160,000 parking tickets

 

While the new system is still going through trials it’s one of the first examples of a commercially available AI that’s been designed from the ground up to automate the entire cyber security “kill chain,” everything from initial identification all the way through to remediation. And, where practical, it’s designed to automate security and take human analysts out of the loop.

However, as organisations toy around with unhackable code and as next generation cyber security organisations, such as the ones who entered last year’s DARPA Cyber Grand Challenge, where twelve of the world’s best robo-hackers were pitted against each other, play cyber war games trying to hack each other while at the same time trying to identify and fix vulnerabilities in their own systems, one of which is now tackling botnets, it won’t be long before we begin trusting AI with defending our organisations crown jewels.  Automatically.

About author

Matthew Griffin

Matthew Griffin, Futurist and Founder of the 311 Institute is described as “The Adviser behind the Advisers.” Among other things Matthew keeps busy helping the world’s largest smartphone manufacturers ideate the next five generations of smartphones, and what comes beyond, the world’s largest chip makers envision the next twenty years of intelligent machines, and is helping Europe’s largest energy companies re-invent energy generation, transmission and retail.

Recognised in 2013, 2015 and 2016 as one of Europe’s foremost futurists, innovation and strategy experts Matthew is an award winning author, entrepreneur and international speaker who has been featured on the BBC, Discovery and other outlets. Working hand in hand with accelerators, investors, governments, multi-nationals and regulators around the world Matthew helps them envision the future and helps them transform their industries, products and go to market strategies, and shows them how the combination of new, democratised, powerful emerging technologies are helping accelerate cultural, industrial and societal change.

Matthew’s clients include Accenture, Bain & Co, Bank of America, Blackrock, Booz Allen Hamilton, Boston Consulting Group, Dell EMC, Dentons, Deutsche Bank, Deloitte, Deutsche Bank, Du Pont, E&Y, Fidelity, Goldman Sachs, HPE, Huawei, JP Morgan Chase, KPMG, Lloyds Banking Group, McKinsey & Co, PWC, Qualcomm, Rolls Royce, SAP, Samsung, Schroeder’s, Sequoia Capital, Sopra Steria, UBS, the UK’s HM Treasury, the USAF and many others.

Comments

Your email address will not be published. Required fields are marked *