Security teams have to handle more threats of greater complexity than ever before. Attackers are getting extremely efficient at creating updated versions of malware. Signature-based technology is effective at stopping 30% to 60% of threats, and machine learning takes the effectiveness up to 80% to 92%. But malware can evade signature-based detection. Well-trained cybersecurity professionals find it difficult to keep up with these threats.

FireEye, Microsoft and Google are developing innovative AI approaches to detect malware, stymie phishing campaigns and monitor the spread of disinformation. Microsoft’s Cyber Signals program uses AI to analyze 24 trillion security signals, 40 nation-state groups and 140 hacker groups to produce cyberthreat intelligence for C-level executives. The U.S. Department of Defense and the National Science Foundation recognize the potential of AI for cybersecurity and have invested tens of millions of dollars to develop advanced AI tools for extracting insights from data generated from the dark web and open-source software platforms.

Eight out of ten ransomware attacks were self-installed: network users unwittingly infected their systems by opening a malicious file containing malware. Artificial intelligence and machine learning can be used to automate repetitive tasks, such as immediately shutting down an infected machine’s network connectivity to save the rest of the company from a dangerous infection. Intelligent automation can gather research about security incidents, pulling in data from multiple systems and assembling it into a report ready for analyst review.

IBM’s managed security services team used AI capabilities to automate 70% of alert closures and speed up their threat management timeline. They confirmed that AI-enabled analytics can help discern the jargon and code words hackers develop to refer to their new tools, techniques and procedures. The worry is how the well-documented AI problems of bias, fairness, transparency and ethics will emerge in AI-based cybersecurity systems.

AI can be considered a double agent in terms of its role in cybersecurity. Malicious attackers are using AI methods like reinforcement learning and generative adversarial networks, which generate new content or software based on limited examples, to produce new types of cyberattacks that can evade cyber defenses. Software companies can be secretive about how their systems work, but they do at least know how they work. How the code of an AI system works, however, is a mystery even to those who developed the AI. This poses an enigmatic problem for those who wish to impose policies and regulations on it. For instance, ChatGPT is designed to be extremely cautious about creating or revealing anything that is straightforwardly malicious or unethical. However, it is not as cunning as a human trying to social-engineer it into doing so. The AI will then reveal or create more than it would if asked a straight question.

An AI system ‘understands’ something based on what it is programmed to understand. That is the key difference between living things and AI systems. Although humans have become good at having AI understand our context, AI still hasn’t really ‘understood’ it. AI can hallucinate as humans could in schizophrenia. The enigma is that AI can generate fake news to harm humans! AI cannot be given the power to make decisions to kill living human beings.

Blue Team Con 2023, on 25-27 August at the Fairmont Chicago, Chicago, IL, U.S.A. (the nation’s only annual in-person conference by the industry’s leading cybersecurity minds), will discuss the threats that security experts are facing and help us defend against them ourselves. Talks are hosted by cybersecurity leadership at Meta, GitLab, Amazon, Microsoft, IBM, the Department of Homeland Security, and more. On-site training opportunities dive deep into cybersecurity threat scenarios and defense strategies. It’s focused on preventing a breach rather than reacting to growing and evolving cybersecurity threats.


An EXPLOIT can appear as code that exerts its attack on a software vulnerability or security flaw. Both security researchers and malicious hackers can write it to intrude into a remotely accessed network. The actors can gain elevated privileges or move deeper into the network.

This code can compromise the security and privacy of computer systems; that is called MALWARE. It is invasively designed to infect and disrupt various devices in different ways. Variants can be designed as software that attacks the host computer. This capacity makes malware different from a virus, which infects and then spreads through a device whenever the file or program is run.

SPAM EMAIL can attack by blazing a path for scareware to invade through a hidden trick. It entices victims into buying worthless items or services. Hackers then use the stolen details to widen their criminal plots, known as identity theft.

A SCAREWARE attack can also be launched through pop-ups, aka adware, that warn users of infected files and offer a solution. Victims fall for such social-engineering tactics because they want a prompt fix to the problem. The scare leads them to pay for fake software that, instead of fixing an issue, steals the user’s data through the purportedly helpful program.

In the case of RANSOMWARE, users are forced to pay a ransom. Victims are told to pay it through certain online payment methods to get a decryption key. Infected systems are encrypted to prevent or limit users from accessing their systems, lock the system’s screen or lock the users’ files.

Sensitive information can be obtained by a type of intrusive software called SPYWARE. Any of the victim’s devices, such as a computer, smartphone, camera, microphone and even other components, can be monitored and accessed by spyware.

A VIRUS attaches itself to and becomes part of another executable program. A WORM is a self-replicating program very similar to a virus. A worm is often designed to make good use of the file transmission capabilities found on computers. However, a worm is self-contained and does not need to be part of another program to propagate itself. John Brunner used the term in a 1970s science fiction novel titled “The Shockwave Rider”.

Different crypto viruses use different encryption algorithms. These viruses can decipher the language used to lock your files. The way the encryption works is that the victim’s files have blocks or segments of the core data changed to reverse the process and scare people into visiting spoofed or infected websites or downloading malware. Cybercriminals come in to render your files no longer openable or to extort you for them.

The term BUG has become quite complicated as it has been widely used in software development. In fact, it best describes an issue that causes software to behave in a way that is unexpected or unintended by both users and developers.

The Greeks finally succeeded in capturing the long-besieged city of Troy. The myth of the TROJAN HORSE lives on to this day, with an unfaltering connotation. It stood for a masterful feat done with a brilliant trick. Any computer can be wrecked by unnoticed havoc from a malicious digital pest. It does this by reading passwords, recording keyboard strokes or opening the door for further malware that can even take the entire computer hostage. Data are deleted, blocked, modified or copied, and the entire performance of a computer and its networks is dragged into a quagmire of deadlock.
