Cyberattacks have become a fixture of our news cycle. The latest data breach report from the Office of the Australian Information Commissioner (OAIC) has called attention to the prevalence of various attack vectors, demonstrating the critical role of security for every business. For example, ransomware has hit half of Australian organisations in the past year, costing on average AU$822,000 per attack. Shockingly, this is despite more than two thirds running up-to-date endpoint security, making it clear that traditional security methods are no longer enough to prevent cyberattacks. Customer privacy, lost data, operational downtime from ransomware attacks, and risks from unknown apps on the network are all at stake.

At the heart of these relentless attacks is the rise of machine learning – exploited by hackers to bring malicious files into the mix and compromise an organisation’s security. Considering this learning function is machine-powered, it presents a scary proposition if humans can’t stay ahead of it. So, how do we keep in front of hackers and beat them at their own game?

Machine learning: What’s the threat?

Machine learning is a branch of AI (Artificial Intelligence) that uses software models and huge amounts of data to create rules based on specific and varied scenarios. This means that computers have the ability to learn without being explicitly programmed. Machine learning models can generalise in a way that software-based programmed rules can’t, presenting an entirely new way to approach problem solving. It also provides hackers with a completely different way to approach their attack strategy.

Modern machine learning models are extremely good at finding subtle and complex correlations in training data. This allows them to learn ways of recognising things – whether it’s faces, patterns of fraud or spam – that human programmers can’t match. But this powerful capability can backfire in unexpected ways, with the potential to be abused by hackers, for example to bypass legitimate security protocols. It is increasingly important to know how to combat hackers who exploit machine learning capabilities for malware attacks with another, more advanced form of machine learning: deep learning.

From machine learning to deep learning: how to turn malware on its head

Getting a step in front of the hackers of the future calls for a “deepened” approach to machine learning. Traditional machine learning models depend on expert threat analysts to select the attributes with which to train the model, adding a subjective human element. They also get more complex as more data is added, and these gigabyte-sized models are cumbersome and slow. These models may also have significant false-positive rates, which reduce IT productivity as admins try to determine what is malware and what is legitimate software. In contrast, deep learning technology is designed to learn by experience, creating correlations between observed behaviour and malware that allow it to counter hacker threats more effectively.

Deep learning represents the latest evolution of machine learning. It delivers a scalable detection model that is able to learn the entire observable threat landscape. With the ability to process hundreds of millions of samples, deep learning can make more accurate predictions at a faster rate, with far fewer false positives than traditional methods.

Deep learning presents a solution to the hackers who are exploiting machine learning, because it is ultimately more accurate, has higher detection rates and fewer false positives, and is more intelligent. Recent research suggests that only 25 per cent of Australian organisations have implemented predictive next-generation technologies, such as machine or deep learning, although 60 per cent plan to implement them within the year. Combatting the rising numbers and growing intelligence of security threats will not just benefit from this technology, but actually require it moving forward.

Deep learning affords organisations the ability to guard against never-seen-before malware, using predictive protection capabilities to more surely counteract the growing sophistication of malware attacks. It’s time to go deeper to protect what’s at stake.

Ashley Wearne
Ashley Wearne, ANZ General Manager, Sophos. 30 years of experience working in high-tech multinational companies. A career characterized by over-achievement in executive management, channel strategy, sales management and complex enterprise solution sales.