UPDATED 12:00 EDT / FEBRUARY 22 2018

AI tech combats cyberattack, cryptojacking

The global median time from when a computing network is compromised to discovery stands at 99 days, according to the Mandiant M-Trends 2017 report from FireEye Inc. The problem is that attackers are gaining access to domain administrator credentials (the keys to the kingdom) approximately three days after entry, based on data collected in the report. Come often … stay longer … steal everything.

This is a serious concern for enterprises, because once those 72 hours are up, a lot of very bad things can happen. It is why Vectra Networks Inc. has developed a different approach, one that uses artificial intelligence to look for attacker behavior, not payload.

“One of the things that people aren’t paying enough attention to is the fact that all the systems they have in place are looking for exploits. They’re looking for malware. And there’s a lot of attacks that actually don’t use malware,” said Mike Banic, vice president of marketing at Vectra. “The smart attackers now sit and lay low, they watch how your enterprise operates.”

Banic spoke with John Furrier (@furrier), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio in Palo Alto, California, to discuss Vectra’s use of AI technology to combat threats and how its tools can be used to defeat cryptojacking.

Using metadata to analyze behavior

Vectra’s solution is to focus on network metadata rather than deep packet inspection. Its tools look for behavioral patterns using AI to analyze log information and seemingly innocuous system events that could reveal the presence of an unwanted intruder.

“The attacker has to perform certain things,” Banic explained. “Anybody in information technology should care when an internal host is being controlled by an external host.”

One of the rising threats to network security is cryptojacking, in which criminals take over networked computers to run cryptocurrency mining operations. This is an especially troubling trend because Vectra analysts are seeing criminals suddenly pivot and sell an operating crypto mining botnet to the highest bidder, who then turns around and launches a direct attack.

“We’ve seen that scenario in enterprises and have been able to alert the team in real time so they can stop it,” Banic said. “It’s the AI that’s doing it; it’s not a human that has to take an action.”
