Recently, Microsoft published a fascinating blog post. In the blog post, they said they were experimenting with "novel approaches" when it comes to harnessing the power of AI to spot threats on the threat landscape before they become a problem.
In particular, the company is focused on stopping ransomware attacks while they're still in their earliest stages.
To get even more fine-grained than that, they are specifically targeting human-operated ransomware campaigns. They note that there are certain indicators in common where human-operated ransomware campaigns are concerned, and these commonalities can be used to stop future attacks.
The example that Microsoft gives in their blog post is that of a hacker who has stolen the network credentials of a company. They will first log in to test those credentials, and once inside, will almost certainly move about inside the network in ways that the proper owner of those credentials would not.
This creates specific data points that the AI can be on the alert for.
Broadly speaking, these fall into three categories: Time based, Graph based, and device-based.
An example of a time-based data point would be if the hacker logged in to test the credentials at 3:00 in the morning and the owner of those credentials historically logs in at 8am.
Graph-based patterns are the graphical representation of physical moves across a network space, plotted against expected moves.
And device-based data points are exactly what they sound like. The AI would expect that the owner of the stolen credentials would log in from his or her workstation and not a laptop hidden behind layers of proxies, which is suspicious in and of itself.
It's a great idea, though Microsoft is quick to point out that it is still very much in its infancy. Even so, it's easy to see how this could become an indispensable tool.
________________________________________________________________________________________________________
"Fortune Favors Who Value Time over Money!"
"TeQ I.Q. was the 1st IT Company to Deliver Cloud Solutions since 2003"
Tech issues taking up your Time?
"TeQ I.Q. Makes Your Technology Simple and Easy"
Do you have Tech Frustrations like your Computer, Internet, Phone, Cellphone, Camera, TV, Car?
"We Take Away Your Tech Frustrations and Give You the Free Time You Deserve!"
Call Robert to ask all your Technology questions.
We are giving a Free in Person TeQ Seminar at our office in La Mesa every Wednesday from 12pm-1pm and a Free TeQ Support Q&A from 1pm-2pm. Go to https://www.teqiq.com/events for our upcoming Events and https://www.teqiq.com/seminars for info on each Seminar.
For Free Consultation Call Now Robert Black at (619) 255-4180 or visit our website https://www.teqiq.com/
Chase Bank and Others Trust TeQ I.Q. with their IT and TeQnology so can you!
