Beware Of AI Assisted Ransomware

Businesses are increasingly using AI and machine learning in their business applications from natural language learning, data analysis to completing simple and repetitive tasks. You’ll find AI in customer service platforms like chatbots, accounting and bookkeeping to marketing systems and it’s prevalent in sectors such as healthcare, finance and banking, education, transport and technology.

However, AI and machine learning are not only used for good, cyber attackers hard at work developing new strains of AI-powered malware, and intelligent smart phishing.

Over the past year, the statistics for cybercrime are worrying Governments and businesses with Ransomware (a type of malware) accounting for more than $11billion in damages. That figure is expected to keep growing.

A new business is infected by Ransomware every 14 seconds according to cybersecurity firm Cytellience, who also infer that within a few months, i.e. by 2021, 327 new websites will be compromised every hour, or one business every 11 seconds!

So with it already considered an epidemic, what exactly is Ransomware and what’s been done to fight it?

Ransomware Explained

Ransomware is a type of malware that prevents user access. The super-smart AI-powered malware can bypass the usual antivirus and malware intrusion detection systems to lock down files by encrypting them from access until a ransom paid. Once payment is received, the cybercriminals provide the decryption key that unlocks the files so the user can access them.

The AI component of Ransomware does some clever stuff like conceal the conditions needed to unlock the files as well as deploy untraceable malicious applications, but it doesn’t stop here. Just like businesses use AI for language learning, so too can the malware be trained to recognise types of content and be on the lookout for specific words and listen to the voice prompts.

Face recognition log in is popular now too so of course, the smart malware can be trained to recognise images. Cybercriminals are also using advanced image APIs for face recognition on webcams, and security cameras.

Hackers get a lot of personal information or data from the dark corners of the Internet, aka ‘dark web’. For example, where you shop online or do your personal banking data can be stolen, and it often ends up on the dark web where it is traded to hackers who can use it in their malware. Open source tools are also the target of hackers where they can compromise website, servers and cloud infrastructure. Read now this easy to read article on eight common malware infections.

So with the influx of smart hacking, what can we do to protect data and devices, so we’re not victims of a malicious cyber attack?

Security Must-Dos

Irrespective of size, all organisations need to do carry out basic security tasks. Here is a list of security ‘must-dos’ for you and your staff.

Passwords

Use a password manager and make sure you use a strong password and change it regularly.

All staff need to also use the password manager to gain access to business systems.

If you’ve got SmartTVs, you should remove the default login credentials and replace with a unique login. Remember to update it every few weeks or months.

WiFi

Lock-down your WiFi network at work and at home so it’s ‘private’, and all users need the login. Create a pared-down login for guests for limited WiFi access and change the login regularly.

Firewalls, AntiSpam Filters

Using firewalls to monitor traffic coming in and going out can be set up to create a barrier between your business networks and external networks. Also, use AntiSpam filters to prevent access from untrusted sites and ensure your staff have antivirus software to protect devices, email and web activity.

VPN

Going a step further with your Internet access, use a VPN when you’re accessing your bank or other sites that have your financially sensitive personal data.

When you’re using public WiFi, always use your VPN. The use of a VPN is to prevent eavesdroppers, i.e. ISPs knowing your browsing activity. With a VPN, your Internet activity is encrypted and untraceable so hackers can not get access to it.

Multi-Factor Authentication

At a minimum use two-factor authentication, or at best multi-factor so access to sensitive sites is only allowed after the presentation of at least a couple of pieces of evidence.

If you’re tardy with changing your passwords using multi-factor authentication does provide that extra level of protection.

Routers

When was the last time your routers where rebooted? According to cnet.com the FBI recommended rebooting routers to thwart Russian hackers.

A reboot or ‘power-cycling’ can reset the filters, fix network and connectivity issues – so at the very least it’s worth regularly doing.

Cybersecurity Policy

Engage a cybersecurity advisor for recommendations beyond the basics actions presented here. With their input, create an IT Cybersecurity Policy and a task force to manage it, including auditing and regular maintenance.

The threat of a cyberattack is ever more present. While tech firms are attempting to outsmart or at least contain Ransomware and other malware attacks, business owners and users, have a personal responsibility to do all they can to prevent an attack on their assets.