Conquering AI makes all the difference in stopping fraud
Cyberattacks can sometimes feel systemic. As soon as a new innovation emerges out of the modern digital age, cybercriminals tend to quickly find ways to exploit it.
The Internet of Things transformed into a major new attack vector, social media became a reliable source for enabling targeted spear phishing scams, and now artificial intelligence (AI) and automation are allowing cybercriminals to optimize and scale their attacks.
Often posed as the answer for combating cyberattacks, AI and automation are always operating on the other side of the coin these days too, frequently in the form of bots attacking financial services organizations. Unsurprisingly, it often requires organizations leveraging these technologies themselves to keep up. Let’s explore a few of the key ways AI and automation can be both a friend and foe to cybersecurity.
Bots are nothing new to the security industry. A malicious bot is a form of self-propagating malware that infects innocent devices and places them under the control of a centralized server. This creates a botnet, which cybercriminals can instruct through a command and control server to enact massive distributed denial-of-service (DDoS) attacks. These large-scale DDoS attacks are all possible because of AI and automation, which give bots the ability to send repetitive traffic to a singular source.
The 2016 Dyn DDoS attack is a well-known example of a successful DDoS attack, which involved an infamous botnet named Mirai. Once malicious bots enslaved hundreds of thousands of innocent devices via Mirai, the botnet was able to take the entire East Coast offline for a couple of hours. It prevented users across the coast from being able to access popular sites such as Amazon, Twitter, Spotify, Netflix, and many more. And the attacks haven’t exactly stopped there.
Imperva has found that not only is the number of overall DDoS attacks increasing, but they’re also growing in size, whether that’s application layer attacks or network layer attacks. This can largely be attributed to the increase in malicious bots; in fact, Imperva has found that over 20% of all internet traffic in 2018 was bad bots.
Most DDoS attacks have the same general goal – disruption of service – but the motivation behind that for attacks on the financial sector is usually money. At least, recent attacks have indicated as much. Just take the Mirai-style IoTroop botnet for instance, which was leveraged to conduct targeted DDoS attacks against a handful of financial sector institutions – some being Fortune 500 firms. These attacks slowed down website response time and even temporarily disrupted customer services, potentially stifling transactions and damaging customer trust. Other DDoS attacks on financial services organizations serve as a smokescreen, as cybercriminals used the attack to cause a diversion while they attempt to commit fraud using stolen customer or bank employee credentials.
In terms of financial impact, DDoS attacks can be extremely damaging, as any business downtime or even slowdown results in lost revenue, to such an extent that it can drive smaller companies into liquidation.
Just as AI technology is being leveraged by hackers to create botnet armies, it can be utilized by organizations to better detect these very attacks. When AI technology is integrated into security infrastructure, application and network traffic are automatically monitored and thousands of security events are correlated and distilled into a few key security narratives. These narratives then help security teams easily identify trends, locate potential threats, and block incoming attacks.
By leveraging a security solution infused with AI, security teams can stop DDoS attacks in their tracks. And it seems that impact is not lost on many businesses, as more than 90% of IT security organizations have invested in machine learning and/or AI technology to combat advanced threats, with 80% already seeing a difference.
By leveraging the right AI-powered security solutions, organizations can not only better keep up with cybercriminals now, but they’ll also have the efficiency and adaptability to sustain a strong security posture in the future – even as the bots keep growing and the attacks keep evolving.