Rising cyberattack frequency and costs point to the need for a better approach to security. Attacks occur an average of once every 39 seconds, and the cost of a breach could exceed $150 million by 2020. Although businesses and organizations are aware of these threats, it still takes about six months to detect breach activity. Long delays between initial network compromise and security responses allow hackers to make off with large amounts of data, as was seen in the 126% jump in the total number of records stolen between 2017 and 2018.
Recent news shows no company, service or even country is safe from attack, but some promising changes in security programs and cybersecurity tools indicate an increasing understanding of threats and the steps necessary for prevention.
Creative Cloud Compromise
A “misconfigured” prototype environment is likely to blame for a breach at Adobe, which exposed information from almost 7.5 million Creative Cloud accounts to the public. The open database was discovered on October 19 and could have been exposed for a week or more. No names, passwords or credit cards were compromised, but hackers could have gotten their hands on email addresses, member IDs, product subscription information, payment status and other details.
The breach could have wide-ranging effects if hackers use email addresses and member IDs to launch phishing attacks in an attempt to collect passwords from unsuspecting Adobe subscribers. Replying to these emails and sharing credential information puts users’ accounts at risk and may open the door for more malicious activity in the future.
Widespread Cyberattack Hits Multiple Targets Around Georgia
Over 2,000 websites were compromised in an attack in Georgia on the afternoon of October 28, including those of the country’s president, various courts, businesses, newspapers and media outlets. An additional 15,000 pages hosted by Proservice were also affected when the web hosting company was hit by the breach. The attack replaced many website home pages with an image of former Georgia president Mikheil Saakashvili standing in front of a banner bearing the words “I’ll be back.”
Georgia’s national TV station, Imedi TV, suffered a blackout as a result of the attack, and some computer systems remain compromised. Imedi stations and those of Maestro, another major broadcaster, went off the air, leaving the country’s residents without access to normal programming. Known vulnerabilities and a lack of strong cybersecurity may have contributed to the country-wide breach. The source of the attack is unknown, although some are pointing the finger at Russia as investigations continue.
Artificial Intelligence in Cybersecurity: Where to Now?
New and more complex forms of cyberattacks are allowing hackers to surpass the abilities of human IT teams to detect and respond to malicious activities on enterprise networks. In an ideal cybersecurity environment, systems would make use of predictive measures to create defenses against breaches before attacks occur. With artificial intelligence (AI), this model is closer to becoming a reality.
AI systems can use machine learning to track activity and create detailed profiles of users and how they interact with networks. By monitoring across the entire user lifecycle, AI tools can identify who accesses a network at what times, the actions they typically perform and the devices they prefer to use. This expands cybersecurity far beyond pre-determined parameters and single devices to create a holistic approach enterprises can use to enhance security protocols and respond to a diverse range of threats.
Using known breach characteristics to build data sets feeds more information into AI systems and increases the sensitivity of both monitoring and detection, which increases the accuracy of risk level predictions and enables dynamic responses when malicious activity is discovered. However, because the technology can still be subject to errors, AI can’t replace human teams entirely. It’s best used as an additional tool to improve threat hunting, speed up incident responses and minimize false positives so that IT teams can focus on bigger security issues.
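As an added illustration (not code from this article or from any product it mentions), the sketch below builds the per-user profile described above from time of access, action and device, scores a new event by how far it departs from that baseline, and maps the score to a response. Plain frequency counts stand in for a trained model; the event fields, thresholds and response names are assumptions, and the sample history is constructed.

```python
from collections import Counter, defaultdict

# Constructed sample history: (user, hour_of_day, action, device)
HISTORY = [
    ("alice", 9, "read_report", "laptop-01"),
    ("alice", 9, "read_report", "laptop-01"),
    ("alice", 10, "read_report", "laptop-01"),
    ("alice", 10, "edit_record", "laptop-01"),
    ("alice", 14, "read_report", "laptop-01"),
    ("alice", 15, "edit_record", "laptop-01"),
]

def build_profiles(events):
    """Count, per user, how often each hour, action and device was seen."""
    profiles = defaultdict(lambda: {"hour": Counter(), "action": Counter(),
                                    "device": Counter()})
    for user, hour, action, device in events:
        profiles[user]["hour"][hour] += 1
        profiles[user]["action"][action] += 1
        profiles[user]["device"][device] += 1
    return profiles

def rarity(counter, seen):
    """0.0 = as common as the user's most frequent value, 1.0 = never seen."""
    return 1 - min(seen / max(counter.values()), 1.0)

def risk_score(profiles, event):
    """Mean rarity of the event's hour, action and device for that user."""
    user, hour, action, device = event
    p = profiles.get(user)
    if p is None:
        return 1.0  # no baseline yet: maximum risk, left for a human to review
    # Tolerate +/- 1 hour around usual access times, wrapping past midnight.
    near = sum(p["hour"][(hour + d) % 24] for d in (-1, 0, 1))
    parts = [rarity(p["hour"], near),
             rarity(p["action"], p["action"][action]),
             rarity(p["device"], p["device"][device])]
    return sum(parts) / len(parts)

def respond(score, step_up=0.5, block=0.8):
    """Dynamic response: thresholds are assumed values to tune per environment."""
    if score >= block:
        return "block_and_alert"
    if score >= step_up:
        return "require_mfa"
    return "allow"

if __name__ == "__main__":
    profiles = build_profiles(HISTORY)
    for ev in [("alice", 10, "read_report", "laptop-01"),
               ("alice", 3, "read_report", "phone-77"),
               ("alice", 3, "bulk_export", "phone-77")]:
        score = risk_score(profiles, ev)
        print(ev, round(score, 2), respond(score))
```

Raising or lowering `step_up` and `block` trades missed detections against false positives, which is where the human review mentioned above comes in.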
Although $6 trillion in global cybersecurity spending is projected for 2021, 77% of organizations still lack cybersecurity incident response plans. The continued shortage of cybersecurity professionals presents a challenge for those seeking to develop and implement better solutions. Properly addressing threats, securing systems and leveraging the power of AI requires a detailed security plan and the help of a professional IT team to meet the evolving security needs of enterprises and government agencies.