There has been a lot of hype around AI to the point where some people are simply tuning it out. I think this is a mistake. While there are limits to what AI can do, there also are sophisticated attacks that we'd miss without it. The need for AI is driven by three fundamental yet significant changes in the enterprise computing environment. Taking all of these factors together leads me to believe that AI is not only a viable solution, but it may be the only solution.
Moore's Law, advocated by Gordon Moore of Intel fame, says that computational capabilities will double every 18 to 24 months. And we've seen that really unfolding over the last 30 years (see chart). It's really stoked people's imagination, so much so that many believe that the promise of artificial intelligence (AI) could become reality, and computers could actually learn to think like humans. I believe it's still a number of years away, but it is fueling a lot of hype regarding AI. What it's truly capable of, where it can be effective, and what it takes to implement it have all become somewhat inflated in the market today.
A cyber espionage group is deploying a new type of trojan malware against telecommunications, information technology, and government organisations. Dubbed Seedworm, the group has been operating since at least 2017, and although it predominantly looks to infiltrate organisations in the Middle East, organisations based in Europe and North America have also been targets. The hacking operation -- also known as MuddyWater -- has been highly active in recent months and researchers at Symantec say the espionage campaign has stolen information from more than 130 victims across 30 organisations since September this year. The attacks appear to be focused on stealing passwords, especially for web accounts, as well as internal communications data and other information. Seedworm's latest campaign was uncovered after researchers discovered evidence of activity on a computer inside the Brazil-based embassy of what Symantec refers to as "an oil-producing nation".
The Silence malware drops allow attackers to stealthily monitor everything happening on the screen of an infected user. A previously unknown but highly organised hacking group is carrying out a series of cyber attacks against banks and financial institutions around the world, deploying trojan malware to gain entry into networks. The attackers are capable of monitoring everything a victim does in order to provide them with all the information they need to sneak around bank networks and make off with stolen funds. Uncovered by Kaspersky Lab, the 'Silence' hacking group is suspected to be a Russian-speaking operation which has hit at least 10 financial organisations including those in Armenia and Malaysia, but mostly within Russia. The initial attack techniques of Silence campaigns are similar to those of threat actors including the infamous Carbanak group - initial victims are tricked by phishing emails which give the attackers a foothold into the network.