Non-malware attacks, artificial intelligence (AI), and machine learning (ML) have emerged as the topics du jour in cybersecurity.
AI and ML’s roles in preventing cyberattacks have been met with both hope and skepticism. They have been marketed as game-changing technologies though doubts still persist, especially when used in siloes. Their emergence is due largely to the climbing number of breaches, increased prevalence of non-malware attacks, and the waning efficacy of legacy antivirus (AV).
For businesses, cutting through the noise is no easy task.
For an accurate assessment of the cybersecurity landscape in 2017, Carbon Black turned to the experts. For this research, Carbon Black interviewed 410 leading security researchers in an effort to gauge how non-malware attacks, AI and ML are currently perceived.
The interviews point to some interesting trends. Among them:
– Non-malware attacks are increasingly leveraging native system tools, such as WMI and PowerShell, to conduct nefarious actions.
– Confidence levels in legacy AV’s ability to prevent non-malware attacks are low.
– AI is considered by most security researchers to be in its nascent stages and not yet able to replace human decision making in cybersecurity.
– Researchers say ML-driven security solutions can be bypassed by attackers.
– Cybersecurity talent, resourcing and trust in executives, continue to be top challenges plaguing many businesses.
In addition to key statistics from the research, the report also includes a timeline of notable non-malware attacks, recommendations for incorporating AI and ML into cybersecurity programs and an “In Their Own Words” section, which includes direct quotes from cybersecurity researchers and unique perspectives on the evolution of non-malware attacks.
Click here to read the full report
Nearly two thirds (64%) of security researchers said they’ve seen an increase in non-malware attacks since
the beginning of 2016. The vast majority (93%) of security researchers said non-malware attacks pose more of a business risk than commodity malware attacks.
Among the most common types of non-malware attacks researches reported seeing were: remote logins
(55%), WMI-based attacks (41%), in-memory attacks (39%), PowerShell-based attacks (34%), and attacks
leveraging Office macros (31%).
Two thirds of security researchers said they were not confident legacy AV could protect an organization from
non-malware attacks, such as those seen in the recent WikiLeaks CIA data dump.
Artificial Intelligence and Machine Learning
Three quarters (74%) of researchers said AI-driven cybersecurity solutions are still flawed. 70% of security researchers said attackers can bypass ML-driven security technologies; and nearly one-third (30%) said ML-driven security solutions are easy to bypass.
87% of security researchers said it will be longer than three years before they trust AI to lead cybersecurity
Executive teams expressed a 16% higher confidence level in their security solutions compared to the
employees who use that software day-to-day.
Attackers are primarily targeting customer data (62%), corporate IP (53%), service disruption (51%),
credentials (42%), and financial data (41%).
To learn how to defend your organization from non-malware attacks, join us at the upcoming webinar: “Beyond AV Webinar: Cb Defense in 20 Minutes.”