Spread by a corrupted email attachment and supercharged by a worm, the malware encrypts files and demands a ransom before users can regain access to their data. Traditional security tools aim to stop threats like these at the network border, but they are routinely circumvented by never-before-seen threats like WannaCry.
The attack was indicative of an emerging trend in cyber-warfare. There is a whole ecosystem of criminals and they can buy malware inexpensively on the dark web, while exploiting previously unknown vulnerabilities to wreak havoc. The WannaCry attack was halted almost by accident, when a kill-switch was discovered, but we might not be as lucky next time. The second wave of copycat attacks is already upon us and as human security teams are outstripped in their capacity to keep threats at bay, we should turn to AI technologies that can detect and stop brazen, fast-spreading attacks in their nascent stages, before they have inflicted damage.
These technologies operate on the same principle as the most powerful biological system – the human immune system. They learn a sense of ‘self’ for a network, detecting and fighting back against threatening anomalies in real time with ‘digital antibodies’. In the human body, this approach equips us to defend against novel, constantly evolving viruses and bacteria. In the network, this fundamentally new approach to cyber-security is designed to take precise, remedial action to detect and stop sophisticated threats like WannaCry within minutes of them emerging on a network. The automatic response technology augments human security teams – it acts in real time, slowing down or stopping compromised connections and devices before damage is done, and without impacting normal business operations.
Using this new class of AI technology, a number of organizations successfully detected and contained WannaCry last Friday – much to the relief of their security teams. Developed by Darktrace, the Enterprise Immune System detected the early signs of WannaCry and alerted its affected customers within minutes as the malware attempted to spread laterally, proving that AI technology is capable of defending against even the fastest-spreading strains of malware.
WannaCry should serve as a wake-up call. Modern cyber-attacks strike at a moment’s notice, and routinely bypass solutions that rely on rules and signatures. In this new era of threat, organizations have to arm themselves with intelligent, self-defending technology that will catch the earliest indicators of the next WannaCry, before they have even noticed.
David Masson is Canada Country Manager of Darktrace.
SAMSUNG GALAXY S8 PLUS
The Samsung Galaxy S8 Plus is a beautifully crafted smartphone with nearly no bezel, curvaceous in design and reflects a…
How to: Connect to Exchange Online Using Multi-Factor Authentication
Using PowerShell to manage your Microsoft cloud services like Exchange Online and using multi-factor authentication (MFA) separately is awesome. Using…