AI will be fighting evolving viruses, malware in the wild — Sophos


Sumit Bansal, Director for ASEAN and Korea
MANILA, PHILIPPINES — In early 2017, Sophos, a global provider of network and endpoint security, entered into an agreement to acquire Invincea, a provider of next-generation malware protection.

Invincea’s endpoint security portfolio is designed to detect and prevent unknown malware and sophisticated attacks via its patented deep learning neural-network algorithms. It has been consistently ranked among the best-performing machine-learning, signature-less next-generation endpoint technologies in third-party testing, and is rated highly for both high detection rates and low false-positive rates.

“Artificial Intelligence or AI will be the next buzzword in malware detection,” said Sumit Bansal, Sophos Director for ASEAN and Korea, in a roundtable interview with InterAksyon. “Not years, but in just a couple of months, our AI will be helping in detecting these malwares in the wild and deliver the protection.”

If you’ve seen the news, then you’ve probably read about the recent spate of hacks, viruses and malware that are plaguing the modern world. It is never a good thing to have your PCs, your office network or your company systems affected by these cyber attacks.

Only recently, Sophos held a regional tech roadshow in the Philippines for customers in the finance, loans, conglomerates, manufacturing, government, and education sectors.

We wanted to know the state of cybersecurity in the world and in the Philippines, and it was fascinating to talk about Artificial Intelligence (AI), evolving viruses, malware and synchronized security.

With the advent of these ever-evolving cyber threats, Sophos is not only keeping pace; it is trying different approaches to combat them. Aside from protecting and securing enterprises, it is looking into protecting computers and connected mobile devices.

Artificial Intelligence is helping develop better security solutions

According to Bansal, Sophos is tapping Artificial Intelligence to fight computer viruses.

“Machine and Artificial Intelligence has been used for years… what’s new now is AI is better than people. These machines have become more active than human beings. So it makes sense to use that kind of technology to make predictive decisions.”

Exploit kit, ransomware and phishing

At the roundtable, we asked Bansal about the top three computer viruses in the world today.

According to the Sophos executive, first is the exploit kit, second is ransomware, and last is the phishing threat.

Phishing is a devious way to get confidential information such as usernames, passwords, and financial records. Hackers do this by disguising their e-mails and web sites as trustworthy.

Most of the time, these messages and sites look like they came from reputable organizations or big financial institutions, but they did not. Once a user visits these fake sites, hackers could also install malware or get the user to provide their financial and private information.

Bansal said this is the number one issue these days. In fact, 80% of security issues are caused by phishing threats.

Then there’s ransomware. This is actual software or code that gets downloaded onto a user’s computer. Ransomware starts encrypting the user’s data and blocks access to it until a ransom is paid. But it does take days for it to work, so the user might still be able to access their devices. Well-known types of ransomware today are WannaCry and Petya.

Based on a Sophos study, a run-of-the-mill beginner hacker can make up to $4,000 a month from ransomware.

“They (hackers) don’t have to be geniuses to make the program to actually create the malware. All they have to do is to go to the dark web, buy the platform, buy the list of people they want to attack from there and then launch it… that’s what they could get with less than $500,” Bansal explained.

Last is the exploit kit, a technique that hackers use to deliver malware. An exploit kit, as the name suggests, identifies software and system vulnerabilities in devices and machines. Once it has discovered these vulnerabilities, it exploits them, uploading and executing malicious code on these devices. Currently, there are 24 exploit kits out in the wild and more are being created.

Sophos also protects the home

So the next question is, what about protecting home computers and devices? People use their own computers and mobile devices to access corporate networks and e-mails. While Sophos is focused on providing enterprise security solutions, it acknowledges that the home is part of the corporate security ecosystem.

“We realized that our customers who use Sophos Synchronized Security and Sophos Central, a platform for managing different Sophos products at the office or at their workspaces, also like to be protected at home. And they would like to feel that they’re using the same console as Sophos Central, so we offer Sophos Home.”

Bansal added that Sophos Home provides business-grade security for home Macs and PCs. It uses the same engine as other Sophos enterprise security products, but it’s simplified. Sophos Home is free, and users can set up up to 10 devices on either Windows or Mac.

Sophos continues to study hacker techniques and to stop them from working through the use of Next Generation Endpoint. It prevents exploit kits from delivering malware, stops ransomware from running, and then sends a report on how it happened and how to clean and check it.

Bansal said Sophos will continue to develop and build better solutions to protect and secure systems, whether they’re in the enterprise or at home.