Despite all of the money, time and effort spent over the last few decades, we’ve been chasing the attacker… waiting for a ‘patient zero’ to emerge in the wild before any response to a new campaign can begin. But we are now living in a new era, where artificial intelligence (AI) can truly predict attacks by weeks, months, or even years ahead of a campaign. We call this the Cylance Predictive Advantage (CPA) that AI gives the defender over the attacker.
Measured in days, CPA is a metric for a new era of predictive prevention being ushered in by data science, and it will forevermore be the measurement of the true impact AI has on disrupting malware economies and nation-state efforts to evolve malware. Time… the ultimate battlespace advantage, is finally on the side of the defender.
Introducing the Cylance Predictive Advantage
A year ago, before the Vault 7 dump, and before the first version of the WannaCry ransomware was even conceived, let alone compiled, who would have predicted that a worming ransomware campaign leveraging an NSA-grade propagation tool would make headlines and affect a quarter million hosts over a single weekend?
Who would have predicted a kill-switch component that ended up being the Achilles heel for the first wave of the attack? Who could have known that the obtuse kill-switch domain was going to be: “iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com”?
Who could have predicted a 22-year-old researcher would register and sinkhole this domain to help stave off the initial wave of this attack? Who could have predicted that a worm (which we haven’t seen the likes of in nearly a decade) would have taken out hospital systems, two airlines, railway systems, two automobile manufactures, shipping companies, power companies, police departments, ATMs, and even laundromat machines around the world, infecting 300,000 machines, (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Scott Scheferman. Read the original post at: Cylance Blog