In a few previous articles, we’ve discussed the power and potential of machine learning capabilities in endpoint security solutions. A branch of artificial intelligence, machine learning learns and adapts to new programs in enterprise digital environments without receiving explicit programming by IT security professionals. By learning automatically, machine learning artificial intelligence can automate better threat intelligence and recognition.
Indeed, the automation artificial intelligence provides has become increasingly crucial as of late. The cybersecurity staffing crisis limits the size and capabilities of enterprise cybersecurity teams have their disposal. Digital transformations, the everyday demands of the digital marketplace, and the rise of bring-your-own-devices culture have increased the number of endpoints in the average enterprise to the hundreds, if not the thousands. In short, teams are stretched too their limits, and any tool that can relieve some of the burden on them is welcome.
Yet like so much in cybersecurity, artificial intelligence has a potential dark side—one that hackers are beginning to exploit. So many new endpoints in the enterprise IT environment represent new attack vectors, and artificial intelligence can strengthen the cyberattacks endpoint security solutions must weather on a daily basis. Spearphishing attacks, fileless malware, evasion techniques—artificial intelligence can bolster all of these, as well as automating those attacks to make hackers’ lives easier.
We looked at some of the numbers surround malicious artificial intelligence in regards to endpoint security. Here’s what we found:
800 users targeted, 6.75 tweets per minute—the rate of spearphishing tweets conducted by an artificial intelligence program, as found in an experiment by ZeroFOX.
275—the number of victims successfully tricked by the experimental program.
129 attempts, 1.075 tweets per minute—the rate of the human control in the same experiment.
49—the number of victims successfully tricked by the ZeroFOX human control.
30%—the boost to the success rate of phishing attacks thanks to artificial intelligence, according to ERPScan CTO and Co-Founder Alexander Polyakov.
62%—the percentage of cybersecurity professionals, in a poll by artificial intelligence-oriented endpoint security solution provider Cylance, who in 2017 believed that AI would be used by hackers.
98%—the current accuracy of machine learning programs sidestepping Google reCaptcha protections.
Furthermore, evidence suggests that hackers are using artificial intelligence to increase their malware creation capabilities, which could overwhelm legacy endpoint security solutions:
250,000— the new malicious programs created every day, according to the AV-Test Institute in 2017.
4.2 seconds—the length of time between the emergence of new malware specimens in Q1 2017.
72 million—the number of unique URLs documented as malicious in a single quarter in 2017.
70% to 90%—the percentage of cybersecurity breaches originating at endpoints.
95%—the percentage of phishing attacks resulting in a breach occurring immediately after a software installation.
50% to 70%—the percentage of 2017’s malware attacks exploiting vulnerabilities reported more than nine months prior, according to the Cylance 2017 Threat Report.
The situation is deeply concerning for enterprises around the world. The Head of Security Research at Cylance Aditya Kapoor put it best in a statement in a press release concerning Cylance 2017 Threat Report: “The attacks and threats of 2017 are a reminder of the ingenuity and destructive capabilities of threat actors. All indicators point to a perfect storm with the explosion in the number and types of endpoints requiring protection, the rise in the diversity of attack types, and the ease with which they can be accessed and weaponized.”