The battle against cyber-criminals needs to be led from the top: using AI

Cyber defence is a fundamental enabler of a safer digital future.

The recent high-profile cyber-attacks against the Federal Parliament and Nine Network are a sobering reminder that the cyber-threats organizations face today have become existential business risks.

More than ever before, business leaders must accept the reality that defending against more dangerous threats is simply not solvable by adding more humans to the mix. Rather, advanced technologies that autonomously fight back at speed and scale are the answer.

A New Reality

We have entered a new paradigm in the global cyber landscape, and signature-based approaches which rely on yesterday’s attacks to predict tomorrow’s threats no longer make the grade. Today’s cyber-threat landscape is evolving at an unprecedented speed and necessitates defensive technology that adapts in lockstep with fast-changing digital infrastructures, thwarting threats as soon as they emerge without any human intervention.

But it’s not just the technologies we use to combat threats that must change – it’s also who needs to be paying attention. The cyber-attacks against Federal Parliament and Nine Network resulted in serious consequences, and the fact that the attack caused major sources of news for many Australians to be disrupted is chilling. What if the attack had affected critical public announcements, such as the flooding of NSW, or 2020’s devastating bushfires? These events come over two years after alleged nation-state attackers gained widespread access to the Australian Parliament. While this 2019 attack should have served as an important wake-up call – this latest incident is the last canary in the coal mine.

For this recent attack, the question remains over how long the hackers had been lurking in IT systems – had operational outages not ensued, the attackers may have remained undetected in the organization for weeks, even months. For many adversaries, Governments are prime targets, enmeshed in a complex web of networks that offer criminals many points of entry in their pursuit to steal highly sensitive databases, or indeed disrupt critical services.

While specific details of the attack are yet to emerge, it certainly points to a wider global trend of persistent, sophisticated adversaries targeting and infiltrating critical organizations through surreptitious means – and the reality is, no organization is safe from attack.

Scaled-up Attacks, Stricter Legislation

The steady crescendo of major cyber compromises across the globe - including most notably the attack on SolarWinds - should serve as potent warnings to business leaders that today’s cyber challenges require skills that go beyond human capabilities. Against this backdrop of intensifying cyber battles, Government policies must quickly adapt; the draft Security Legislation Amendment (Critical Infrastructure) Bill was released in November 2020 and is currently under review from the Parliamentary Joint Committee on Intelligence and Security, expected to conclude this month.

Draft amendments to this legislation broaden the definition of critical infrastructure to include the communications sector, increasing the requirements on broadcasters such as Nine Network to manage and mitigate pervasive cyber risks effectively. Under this new framework, industries such as financial services, data processing, higher education, healthcare, space technology, transport, water, and sewage will also be classified as critical infrastructure. Testament to the seriousness of the challenge, company boards will also be obligated to have an Incident Response Plan and comprehensive risk management processes as part of their annual reports.

The attacks against Federal Parliament and Nine Network have consolidated a new reality of silent but deadly perpetrators who enter an organization unknown and remain undetected, waiting for the opportune moment to cause maximum operational damage or exfiltrate highly sensitive information. Faced with advanced cyber-attacks, and under tougher regulations, business leaders must acknowledge that the question is not if they will be breached but when – and a more worrying question still - are adversaries already lurking in their systems? 

AI-Driven Solutions

Company board members and senior executives must understand that today’s cyber challenges are not human-scalable problems – cyber adversaries are indeed becoming more dangerous, even gearing up to incorporate machine learning and AI techniques to increase the speed and scale of their attacks. In an environment more complex, convoluted, and murky than any physical battleground, now is the time for executive decision-makers to take decisive action.

Only Artificial Intelligence can be relied upon to re-take positions of defensive advantage – a technology that automates the processes of cyber-threat detection, investigation and response. Many solutions claim to be using AI, but the reality is that not all AI is created equal – the vast majority are simply analytical tools that rely on playbooks or training data that create reports only after events have occurred.

Cutting-edge, autonomous AI cyber defence is uniquely capable of detecting attackers from the inside, without prior knowledge of a system or environment. In addition, the technology can strategically, intelligently fight back within seconds to thwart attacks in their tracks – before damage is caused. AI has inaugurated a new frontier in the cyber security landscape, fundamentally empowering defenders to fight back against a new generation of supercharged threats. The technology is also redressing the deficit of stretched security teams who are limited both in time and capability by working as a force multiplier, responding at speeds that are simply unachievable for humans.

As investigations into the Federal Parliament and Nine Network cyber-attacks are ongoing, the Government will be reckoning with the reality that cyber defence is a fundamental enabler of a safer digital future – and an uncompromisable part of national resilience. Today’s cyber risks present existential threats to organizations and Australian business leaders must be attuned to this reality. Autonomous AI technologies are the only solution capable of fighting back against a new, more sophisticated, generation of hackers. 

Max Heinemeyer is Director of Threat Hunting, Darktrace.

Copyright © BIT (Business IT). All rights reserved.
