When machine learning is hacked: 4 lessons from Cylance TechBeacon

Artificial intelligence (AI) has become all the rage in cybersecurity circles, but a recently discovered universal bypass of a machine-learning (ML) algorithm in BlackBerry's Cylance cybersecurity suite offers some valuable lessons for organizations mulling AI security solutions. The bypass was discovered by researchers at Skylight, a firm founded by Israeli government security veterans Adi Ashkenazy and Shahar Zini. After a careful analysis of Cylance's antivirus product, the researchers discovered a bias toward a particular game. They leveraged that knowledge to craft a universal method for bypassing the software by simply appending a selected list of strings to any malicious file. The method was 100% successful for the top 10 malware programs for the month of May--and 90% effective for a larger universe of 384 malicious applications, the researchers said.