Posted on 5th February 2019 by Andrew Wells BA (Hons) ACII, Commercial Director
As a society we are constantly edging closer to complete autonomous problem solving. This is being rolled out across a huge number of industries with insurance being quite accepting of this new technology.
One price comparison site for example, has recently advertised that its ‘machine learning’ will automatically scour the market for alternatives, in advance of your renewal date, to see if there is a cheaper quote out there, saving you that annual rigmarole of searching and comparing the market for a better renewal quote.
Your phone has been operating in this way for some time now, learning your regular journeys to let you know how long it will take to get to your destination.
Your social media accounts and online browsing often leads to appropriate advertisements popping up at seemingly perfect moments enticing you to buy.
The misuse of machine learning
While this is all very convenient, we are already starting to see this technology being used for more sinister purposes, in particular by cyber criminals.
Fast becoming one of the most talked about cyber trends of 2019 is how machine learning will be developed to make cyber-attacks more efficient and widespread than ever before.
Well known cybersecurity firm ESET, commented in their December report, that criminals are very quickly adapting technology to maximise their impact whilst keeping costs to a minimum.
Three main areas are mentioned by Lysa Myers of ESET in her report and these were as follows:
The first is acquiring a target. Instead of the older versions of ‘ransomware’ which encrypt everything in a specific order, whether valuable to the victim or not, autonomous systems are being used to filter through the target organisations database, picking out only the most valuable information to encrypt and therefore making a ransom payment increasingly likely.
The second is exploiting potential victims through enhanced social engineering. Chatbots can be used to infiltrate legitimate websites, making users click on a corrupted link after gathering data of online journeys and patterns of usage. This ultimately means that when a phishing exercise is deployed to targets, they aren’t using a generic approach which is easy to spot, rather a bespoke one, substantially increasing the chances of success.
The third relates to minimising the level of detection and interruption that attacks were receiving from anti-virus protections. Machine learning will allow malware to learn which elements of their makeup are being detected and adapt to evade detection.
All of this is worrying news and a strong sign that rather than going away, cyber-attacks are still very much on the rise and are set to potentially get more efficient.
Caunce O’Hara’s advice remains to not only enlist the services of software to protect your business, but also enforce a robust Cyber Liability and Commercial Crime policy.
In the constant game of ‘cat and mouse’, there will always be cyber-attacks that get through security firewalls, and when they do it will be your insurance policy that you rely on for rescue.
Back to News