Artificial Intelligence & Machine Learning , Cyberwarfare / Nation-State Attacks , Events

'Lazy' Hacking: Attack Automation Continues to Increase

But No Signs Hackers Yet Have AI, Says Cybereason's Ross Rustici
Ross Rustici, Senior Director Intelligence Services, Cybereason

Many security experts have been warning that one consequence of the rise of machine learning will be hackers gaining easier access to extremely automated and more intelligence types of attacks.

See Also: Enabling Government for Modernized IT

Thankfully, says Ross Rustici, senior director for intelligence services at Cybereason, attackers don't appear to have yet gained full machine learning and artificial intelligence capabilities. But they are making much greater use of automation.

"We have seen rapid scripting and rapid evolution of the threat from a dwell-time perspective, and so we've been seeing bots that can do full exploitation of machines and lateral movement within under a minute, based on the scripting technique," Rustici says.

Many online attackers have long utilized automated capabilities, such as botnet-building toolkits or malware generation tools. Even so, the rise in automated takeover and lateral movement represents "the first time that we're really seeing the hackers get this lazy and this hands off to harvest as many machines as possible," Rustici says.

In a video interview at the recent Infosecurity Europe conference in London, Rustici discusses:

  • The online threat landscape including increased automation;
  • Changes in North Korean cyberattack tactics;
  • The rise of machine learning and artificial intelligence and where its application makes the most sense.

Rustici is Senior Director for Intelligence Services at Cybereason. He previously worked for the U.S. Department of Defense as a technical lead, East Asia cyber lead and intrusion analyst, as a research analyst for the National Defense University and as a research assistant for Atlantic Council, among other roles.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.