Using artificial intelligence to fight cybercrime

Artificial intelligence is providing us with advances in all areas, but how does it relate to cybercrime? Well, let’s have a chat about it.

Here is one of those classic “it makes sense but doesn’t work moments”.

If I wanted to design the best home security system, then sensibly, I should go to the Police (who deal with all burglaries), and ask them to design me a product that protects my house against every theft they have ever seen. Then all I need to do, is wait for the police to tell me about any new crimes they have dealt with and I’d have update my device to protect against them as well; flawless you might think!

If that system worked, then after all these years of policing, there would be virtually no crime. Well guess what, there is more crime then ever… so clearly this is not a good strategy to follow.

Computer Antivirus and protection against cybercrime has gone the same way. You buy some software from ESET, Norton, AVG or any number of others, and the software knows about all historical viruses that have been caught. You wait for the provider to learn about a new virus, then update your software so it can protect against specific attacks.

This is a signature-based antivirus and you can see the similarity with the police example, you will also have seen that cybercrime is at an all-time high.

This leads us to think What if antivirus software had the ability to think for itself? Or what if it could learn and understand what you typically do on your computer, and just simply question anything out the ordinary?

Well, SonicWall have done such a thing. By using Capture Client the software will learn what typical activity is for your machine and if it sense something out of the ordinary, it will alert you.

To put this into perspective it’s a bit like a pet at home: most of the time its happy and content, but occasionally it senses something out the ordinary. It could be a different sound in the house, or a strange smell and you’ll soon be alerted when somethings up.

SonicWall Capture Client is designed to do exactly that. Your software no longer has to be told to learn a new virus, it teaches itself what’s normal and recognises when something out of the ordinary occurs.

What would this look like in a real life example?

Let’s look at the number of recent ransomware attacks that have hit so many firms. They encrypts all of their data, then ask for a large ransom to unencrypt the files. SonicWall Capture Client might spot a task that is trying to do this, pause that task and then simply ask “Are you sure you want to change all your files?

This clever way of thinking means you could leave your laptop in a cupboard, switched off for 12 months while you go and explore the world. You could then can come back a year later, switch it on and have better protection from cybercrime than most other antivirus products that are based on signature-based threat protection.

From a technical, logical, and strategic perspective, it should be a simple decision to switch from signature-based antivirus to intelligence-based antivirus.

How can we help?
Let's Talk